Your message dated Sun, 04 May 2008 07:03:46 +0200
with message-id <[EMAIL PROTECTED]>
and subject line CVE-2007-6637: Multiple cross-site scripting (XSS)
vulnerabilities
has caused the Debian Bug report #459071,
regarding CVE-2007-6637: Multiple cross-site scripting (XSS) vulnerabilities
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
459071: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=459071
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: flashplugin-nonfree
Severity: important
Tags: security
Hi
The following CVE[0] has been issued against Adobe Flash Player.
CVE-2007-6637:
Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash
Player allow remote attackers to inject arbitrary web script or HTML via
a crafted SWF file, related to "pre-generated SWF files" and Adobe
Dreamweaver CS3 or Adobe Acrobat Connect. NOTE: the asfunction: vector
is already covered by CVE-2007-6244.1.
Could you please check, if the debian version needs to be updated?
Thanks for your efforts.
Cheers
Steffen
[0]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6637
--- End Message ---
--- Begin Message ---
Fixed in Adobe Flash Player 9,0,124,0.
--- End Message ---
