[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2009-1862Date: (C)2009-07-23   (M)2021-09-11


Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SUNALERT-266108
BID-35759
SECUNIA-36193
SECUNIA-36374
SECUNIA-36701
APPLE-SA-2009-09-10-1
APPLE-SA-2009-09-10-2
GLSA-200908-04
VU#259425
http://blogs.adobe.com/psirt/2009/07/potential_adobe_reader_and_fla.html
http://bugs.adobe.com/jira/browse/FP-1265
http://isc.sans.org/diary.html?storyid=6847
http://news.cnet.com/8301-27080_3-10293389-245.html
http://support.apple.com/kb/HT3864
http://support.apple.com/kb/HT3865
http://www.adobe.com/support/security/advisories/apsa09-03.html
http://www.adobe.com/support/security/bulletins/apsb09-10.html
http://www.adobe.com/support/security/bulletins/apsb09-13.html
http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-072209-2512-99
http://www.symantec.com/connect/blogs/next-generation-flash-vulnerability

CPE    30
cpe:/a:adobe:acrobat_reader:9.1
cpe:/a:adobe:acrobat_reader:9.0
cpe:/a:adobe:flash_player:9.0.124.0
cpe:/a:adobe:flash_player:9.0.45.0
...
CWE    1
CWE-94
OVAL    7
oval:org.secpod.oval:def:17960
oval:org.secpod.oval:def:17959
oval:org.secpod.oval:def:17976
oval:org.secpod.oval:def:17975
...

© SecPod Technologies