cpe:/a:adobe:air:1.5 cpe:/a:adobe:flash_player:7.0 cpe:/a:adobe:flash_player:7.0.1 cpe:/a:adobe:flash_player:7.0.25 cpe:/a:adobe:flash_player:7.0.63 cpe:/a:adobe:flash_player:7.0.63::linux cpe:/a:adobe:flash_player:7.0.69.0 cpe:/a:adobe:flash_player:7.0.70.0 cpe:/a:adobe:flash_player:7.1 cpe:/a:adobe:flash_player:7.1.1 cpe:/a:adobe:flash_player:7.2 cpe:/a:adobe:flash_player:8.0 cpe:/a:adobe:flash_player:8.0::basic cpe:/a:adobe:flash_player:8.0::pro cpe:/a:adobe:flash_player:8.0.24.0 cpe:/a:adobe:flash_player:8.0.34.0 cpe:/a:adobe:flash_player:8.0.35.0 cpe:/a:adobe:flash_player:8.0.39.0 cpe:/a:adobe:flash_player:9.0.16 cpe:/a:adobe:flash_player:9.0.20 cpe:/a:adobe:flash_player:9.0.20.0 cpe:/a:adobe:flash_player:9.0.28 cpe:/a:adobe:flash_player:9.0.28.0 cpe:/a:adobe:flash_player:9.0.31.0 cpe:/a:adobe:flash_player:9.0.45.0 cpe:/a:adobe:flash_player:9.0.47.0 cpe:/a:adobe:flash_player:9.0.48.0 cpe:/a:adobe:flash_player:9.0.112.0 cpe:/a:adobe:flash_player:9.0.114.0 cpe:/a:adobe:flash_player:9.0.115.0 cpe:/a:adobe:flash_player:9.0.124.0 cpe:/a:adobe:flash_player:10.0.0.584 cpe:/a:adobe:flash_player:10.0.12.10 cpe:/a:adobe:flash_player:10.0.12.36 cpe:/a:adobe:flash_player:cs3::pro cpe:/a:adobe:flash_player:cs4::pro cpe:/a:adobe:flash_player_for_linux:10.0.15.3 cpe:/a:adobe:flex:3.0 CVE-2009-0520 2009-02-26T11:17:19.890-05:00 2017-09-28T21:33:51.137-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2009-02-27T08:43:00.000-05:00 ALLOWS_ADMIN_ACCESS SECTRACK 1021750 IDEFENSE 20090224 Adobe Flash Player Invalid Object Reference Vulnerability SUNALERT 254909 BID 33880 SECUNIA 34012 SECUNIA 34226 SECUNIA 34293 SECUNIA 35074 VUPEN ADV-2009-0513 VUPEN ADV-2009-0743 VUPEN ADV-2009-1297 APPLE APPLE-SA-2009-05-12 GENTOO GLSA-200903-23 IAVM IAVM:2009-A-0017 REDHAT RHSA-2009:0332 REDHAT RHSA-2009:0334 CERT TA09-133A XF flash-invalid-object-bo(48887) MISC http://isc.sans.org/diary.html?storyid=5929 CONFIRM http://support.apple.com/kb/HT3549 CONFIRM http://www.adobe.com/support/security/bulletins/apsb09-01.html CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=487142 Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a "buffer overflow issue."