Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0114

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2009-0114
Last Modified 02 Nov 2013 10:47:07
Published 26 Feb 2009 11:17:19
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-0114

Summary

Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking issue variant."

Vulnerable Systems

Application

  • Adobe Air 1.5

  • Adobe Flash Player 10.0.0.584

  • Adobe Flash Player 10.0.12.10

  • Adobe Flash Player 10.0.12.36

  • Adobe Flash Player 7.0

  • Adobe Flash Player 7.0.1

  • Adobe Flash Player 7.0.25

  • Adobe Flash Player 7.0.63

  • Adobe Flash Player 7.0.69.0

  • Adobe Flash Player 7.0.70.0

  • Adobe Flash Player 7.1

  • Adobe Flash Player 7.1.1

  • Adobe Flash Player 7.2

  • Adobe Flash Player 8.0

  • Adobe Flash Player 8.0.24.0

  • Adobe Flash Player 8.0.34.0

  • Adobe Flash Player 8.0.35.0

  • Adobe Flash Player 8.0.39.0

  • Adobe Flash Player 9.0.112.0

  • Adobe Flash Player 9.0.114.0

  • Adobe Flash Player 9.0.115.0

  • Adobe Flash Player 9.0.124.0

  • Adobe Flash Player 9.0.16

  • Adobe Flash Player 9.0.20

  • Adobe Flash Player 9.0.20.0

  • Adobe Flash Player 9.0.28

  • Adobe Flash Player 9.0.28.0

  • Adobe Flash Player 9.0.31.0

  • Adobe Flash Player 9.0.45.0

  • Adobe Flash Player 9.0.47.0

  • Adobe Flash Player 9.0.48.0

  • Adobe Flash Player Cs3

  • Adobe Flash Player Cs4

  • Adobe Flash Player For Linux 10.0.15.3

  • Adobe Flex 3.0


References

CERT - TA09-133A

VUPEN - ADV-2009-0513

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb09-01.html

XF - flash-settings-manager-click-hijacking(48902)

VUPEN - ADV-2009-1297

VUPEN - ADV-2009-0743

CONFIRM - http://support.apple.com/kb/HT3549

SUNALERT - 254909

SECTRACK - 1021751

GENTOO - GLSA-200903-23

SECUNIA - 35074

SECUNIA - 34293

SECUNIA - 34226

APPLE - APPLE-SA-2009-05-12

MISC - http://isc.sans.org/diary.html?storyid=5929

Related Patches

Apple 2009-05-12 Security Update 2009-002 Server (Tiger PPC)

Apple 2009-05-12 Security Update 2009-002 (Tiger PPC)

Apple 2009-05-12 Mac OS X 10.5.7 Combo Update

Apple 2009-05-12 Mac OS X Server 10.5.7 Update

Apple 2009-05-12 Mac OS X 10.5.7 Update

Apple 2009-05-12 Security Update 2009-002 (Tiger Intel)

Apple 2009-05-12 Mac OS X Server 10.5.7 Combo Update

Adobe APSB09-01 Flash Player 10.0.22.87 for Mac OS X


Last Updated: 27 May 2016 10:50:07