Published: 26/02/2009 Updated: 29/09/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Adobe Flash Player 9.x prior to 9.0.159.0 and 10.x prior to 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote malicious users to execute arbitrary code via a crafted file, related to a "buffer overflow issue."

Vulnerable Product	Search on Vulmon	Subscribe to Product
adobe flash player 9.0.45.0
adobe flash player 9.0.31.0
adobe flash player 9.0.115.0
adobe flash player 9.0.114.0
adobe flash player 10.0.0.584
adobe flash player 10.0.12.10
adobe flash player 7.0.70.0
adobe flash player 7.1
adobe flash player 8.0.39.0
adobe flash player 8.0
adobe flash player 9.0.20.0
adobe flash player 9.0.20
adobe flash player for linux
adobe air 1.5
adobe flash player 7.0.25
adobe flash player 7.0.63
adobe flash player 8.0.24.0
adobe flash player 9.0.48.0
adobe flash player 9.0.47.0
adobe flash player 9.0.16
adobe flash player 9.0.124.0
adobe flash player cs3
adobe flash player cs4
adobe flex 3.0
adobe flash player 7.0.69.0
adobe flash player 8.0.34.0
adobe flash player 8.0.35.0
adobe flash player 9.0.28.0
adobe flash player 9.0.28
adobe flash player 9.0.112.0
adobe flash player
adobe flash player 7.0
adobe flash player 7.0.1
adobe flash player 7.1.1
adobe flash player 7.2

Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An updated Adobe Flash Player package that fixes several security issues isnow available for Red Hat Enterprise Linux 5 SupplementaryThis update has been rated as having critical security impact by the RedHat Se ...

Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An updated Adobe Flash Player package that fixes several security issues isnow available for Red Hat Enterprise Linux 3 and 4 ExtrasThis update has been rated as having critical security impact by the RedHat Sec ...

source: wwwsecurityfocuscom/bid/33880/info Adobe Flash Player is prone to a remote code-execution vulnerability An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application Failed exploit attempts will likely crash the application, denying service to legitimate users Versions pr ...

CWE-119 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=773 http://rhn.redhat.com/errata/RHSA-2009-0334.html http://isc.sans.org/diary.html?storyid=5929 http://www.vupen.com/english/advisories/2009/0513 https://bugzilla.redhat.com/show_bug.cgi?id=487142 http://rhn.redhat.com/errata/RHSA-2009-0332.html http://www.adobe.com/support/security/bulletins/apsb09-01.html http://www.securityfocus.com/bid/33880 http://secunia.com/advisories/34012 http://securitytracker.com/id?1021750 http://secunia.com/advisories/34226 http://security.gentoo.org/glsa/glsa-200903-23.xml http://sunsolve.sun.com/search/document.do?assetkey=1-66-254909-1 http://www.vupen.com/english/advisories/2009/0743 http://secunia.com/advisories/34293 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://www.vupen.com/english/advisories/2009/1297 http://support.apple.com/kb/HT3549 http://secunia.com/advisories/35074 http://www.us-cert.gov/cas/techalerts/TA09-133A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/48887 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6593 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16057 https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2009:0332 https://www.exploit-db.com/exploits/32811/

CVE-2009-0520

Vulnerability Summary

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect