CyberSec.Space Logo
Back to CVE Browser

CVE-2007-6149

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1600%
EPSS Percentile9.96th
PublishedFeb 13, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple integer overflows in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allow remote attackers to execute arbitrary code via a Real Time Message Protocol (RTMP) message with a crafted integer field that is used for allocation.

Affected Platforms (CPE)

πŸ“¦
Adobe

Connect Enterprise Server

<= 6
πŸ“¦
Adobe

Flash Media Server 2

<= 2.0.4

References & Advisories

πŸ”— http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=662
πŸ”— http://secunia.com/advisories/28946
πŸ”— http://secunia.com/advisories/28947
πŸ”— http://www.adobe.com/support/security/bulletins/apsb08-03.html
πŸ”— http://www.adobe.com/support/security/bulletins/apsb08-04.html
πŸ”— http://www.securityfocus.com/bid/27762
πŸ”— http://www.securitytracker.com/id?1019399
πŸ”— http://www.vupen.com/english/advisories/2008/0538/references

Related Vulnerabilities

CVE-2007-614810.0

Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before...

CVE-2007-643110.0

Unspecified vulnerability in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote at...

CVE-2020-272659.8

KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregato...

CVE-2020-272639.1

KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregato...