Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1864

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2009-1864
Last Modified 02 Nov 2013 10:50:23
Published 31 Jul 2009 03:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-1864

Summary

Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.

Vulnerable Systems

Application

  • Adobe Air 1.0

  • Adobe Air 1.01

  • Adobe Air 1.1

  • Adobe Air 1.5

  • Adobe Air 1.5.1

  • Adobe Flash Player 10.0.0.584

  • Adobe Flash Player 10.0.12.10

  • Adobe Flash Player 10.0.12.36

  • Adobe Flash Player 10.0.22.87

  • Adobe Flash Player 7.0

  • Adobe Flash Player 7.0.1

  • Adobe Flash Player 7.0.25

  • Adobe Flash Player 7.0.63

  • Adobe Flash Player 7.0.69.0

  • Adobe Flash Player 7.0.70.0

  • Adobe Flash Player 7.1

  • Adobe Flash Player 7.1.1

  • Adobe Flash Player 7.2

  • Adobe Flash Player 8.0

  • Adobe Flash Player 8.0.24.0

  • Adobe Flash Player 8.0.34.0

  • Adobe Flash Player 8.0.35.0

  • Adobe Flash Player 8.0.39.0

  • Adobe Flash Player 9.0.112.0

  • Adobe Flash Player 9.0.114.0

  • Adobe Flash Player 9.0.115.0

  • Adobe Flash Player 9.0.124.0

  • Adobe Flash Player 9.0.16

  • Adobe Flash Player 9.0.20

  • Adobe Flash Player 9.0.20.0

  • Adobe Flash Player 9.0.28

  • Adobe Flash Player 9.0.28.0

  • Adobe Flash Player 9.0.31.0

  • Adobe Flash Player 9.0.45.0

  • Adobe Flash Player 9.0.47.0

  • Adobe Flash Player 9.0.48.0

  • Adobe Flex 3.0


References

VUPEN - ADV-2009-2086

BID - 35904

BID - 35890

XF - flash-air-unspecified-bo(52184)

SECTRACK - 1022629

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb09-13.html

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb09-10.html

CONFIRM - http://support.apple.com/kb/HT3865

CONFIRM - http://support.apple.com/kb/HT3864

SUNALERT - 266108

GENTOO - GLSA-200908-04

SECUNIA - 36701

SECUNIA - 36374

SECUNIA - 36193

APPLE - APPLE-SA-2009-09-10-2

APPLE - APPLE-SA-2009-09-10-1

Related Patches

Apple 2009-09-10 Mac OS X 10.6.1 Update

Apple 2009-09-10 Mac OS X Server 10.6.1 Update

Adobe APSB09-10 APSA09-03 Adobe Reader 9.1.3 Security Update for Windows (All Languages)

Adobe APSB09-10 Flash Player 10.0.32.18 for Mac OS X


Last Updated: 27 May 2016 10:50:42