GSD-2008-3873 — Vulnetix

Try Vulnetix Request Demo

GSD-2008-3873 PUBLISHED

The System.setClipboard method in ActionScript in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to populate the clipboard with a URL that is difficult to delete and does not require user interaction to populate the clipboard, as exploited in the wild in August 2008.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a

Timeline

Aug 14, 2007 CVE Published
Apr 15, 2026 Security Advisory
Apr 15, 2026 Security Advisory

References

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=834256&poid= url
33390 third-party-advisory
http://www.adobe.com/support/security/bulletins/apsb08-18.html url
http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm url
32702 third-party-advisory
adobe-flash-setclipboard-hijacking(44584) vdb
http://www.adobe.com/devnet/flashplayer/articles/fplayer10_security_changes.html url
http://blogs.adobe.com/psirt/2008/08/clipboard_attack.html url
34226 third-party-advisory
ADV-2008-2838 vdb
http://blogs.zdnet.com/security/?p=1733 url
1020724 vdb
32759 third-party-advisory
RHSA-2008:0945 vendor-advisory
RHSA-2008:0980 vendor-advisory
http://support.avaya.com/elmodocs2/security/ASA-2008-440.htm url
31117 vdb
248586 vendor-advisory
32448 third-party-advisory
SUSE-SR:2008:025 vendor-advisory

…and 2 more

Open in Interactive Console →