Lucene search

[email protected]NVD:CVE-2009-3796

HistoryDec 10, 2009 - 7:30 p.m.

CVE-2009-3796

2009-12-1019:30:00

CWE-94

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.0%

JSON

Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors, related to a “data injection vulnerability.”

Affected configurations

NVD

Node

adobeadobe_airRange≤1.5.2

adobeadobe_airMatch1.0

adobeadobe_airMatch1.0.1

adobeadobe_airMatch1.1

adobeadobe_airMatch1.5.1

adobeflash_playerRange≤10.0.32.18

adobeflash_playerMatch7.0

adobeflash_playerMatch7.0.1

adobeflash_playerMatch7.0.25

adobeflash_playerMatch7.0.63

adobeflash_playerMatch7.0.69.0

adobeflash_playerMatch7.0.70.0

adobeflash_playerMatch7.1

adobeflash_playerMatch7.1.1

adobeflash_playerMatch7.2

adobeflash_playerMatch8pro

adobeflash_playerMatch8professional

adobeflash_playerMatch8.0

adobeflash_playerMatch8.0basic

adobeflash_playerMatch8.0pro

adobeflash_playerMatch8.0.24.0

adobeflash_playerMatch8.0.34.0

adobeflash_playerMatch8.0.35.0

adobeflash_playerMatch8.0.39.0

adobeflash_playerMatch9.0

adobeflash_playerMatch9.0.16

adobeflash_playerMatch9.0.18d60

adobeflash_playerMatch9.0.20

adobeflash_playerMatch9.0.20.0

adobeflash_playerMatch9.0.28

adobeflash_playerMatch9.0.28.0

adobeflash_playerMatch9.0.31

adobeflash_playerMatch9.0.31.0

adobeflash_playerMatch9.0.45.0

adobeflash_playerMatch9.0.47.0

adobeflash_playerMatch9.0.112.0

adobeflash_playerMatch9.0.114.0

adobeflash_playerMatch9.0.115.0

adobeflash_playerMatch9.0.124.0

adobeflash_playerMatch9.0.155.0

adobeflash_playerMatch9.0.159.0

adobeflash_playerMatch9.125.0

adobeflash_playerMatch10.0.0.584

adobeflash_playerMatch10.0.12.10

adobeflash_playerMatch10.0.12.36

adobeflash_playerMatch10.0.22.87

References

lists.apple.com/archives/security-announce/2010/Jan/msg00000.html

lists.opensuse.org/opensuse-security-announce/2009-12/msg00003.html

osvdb.org/60886

secunia.com/advisories/37584

secunia.com/advisories/37902

secunia.com/advisories/38241

securitytracker.com/id?1023306

securitytracker.com/id?1023307

sunsolve.sun.com/search/document.do?assetkey=1-77-1021716.1-1

support.apple.com/kb/HT4004

www.adobe.com/support/security/bulletins/apsb09-19.html

www.redhat.com/support/errata/RHSA-2009-1657.html

www.redhat.com/support/errata/RHSA-2009-1658.html

www.securityfocus.com/bid/37199

www.us-cert.gov/cas/techalerts/TA09-343A.html

www.vupen.com/english/advisories/2009/3456

www.vupen.com/english/advisories/2010/0173

bugzilla.redhat.com/show_bug.cgi?id=543857

exchange.xforce.ibmcloud.com/vulnerabilities/54632

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16216

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7460

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7763

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.0%

JSON

Related for NVD:CVE-2009-3796

cve1 ubuntucve1 prion1 cvelist1 redhat2 nessus14 openvas16 gentoo1 securityvulns2 suse1 freebsd1 threatpost1