Lucene search

[email protected]NVD:CVE-2009-3951

HistoryDec 10, 2009 - 7:30 p.m.

CVE-2009-3951

2009-12-1019:30:00

CWE-200

[email protected]

web.nvd.nist.gov

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:C/I:N/A:N

AI Score

7.4

Confidence

High

EPSS

0.009

Percentile

83.0%

JSON

Unspecified vulnerability in the Flash Player ActiveX control in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 on Windows allows remote attackers to obtain the names of local files via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4820.

Affected configurations

Nvd

Node

microsoftwindows

AND

adobeadobe_airRange≤1.5.2

adobeadobe_airMatch1.0

adobeadobe_airMatch1.0.1

adobeadobe_airMatch1.1

adobeadobe_airMatch1.5.1

adobeflash_playerRange≤10.0.32.18

adobeflash_playerMatch7.0

adobeflash_playerMatch7.0.1

adobeflash_playerMatch7.0.25

adobeflash_playerMatch7.0.63

adobeflash_playerMatch7.0.69.0

adobeflash_playerMatch7.0.70.0

adobeflash_playerMatch7.1

adobeflash_playerMatch7.1.1

adobeflash_playerMatch7.2

adobeflash_playerMatch8pro

adobeflash_playerMatch8professional

adobeflash_playerMatch8.0

adobeflash_playerMatch8.0basic

adobeflash_playerMatch8.0pro

adobeflash_playerMatch8.0.24.0

adobeflash_playerMatch8.0.34.0

adobeflash_playerMatch8.0.35.0

adobeflash_playerMatch8.0.39.0

adobeflash_playerMatch9.0

adobeflash_playerMatch9.0.16

adobeflash_playerMatch9.0.18d60

adobeflash_playerMatch9.0.20

adobeflash_playerMatch9.0.20.0

adobeflash_playerMatch9.0.28

adobeflash_playerMatch9.0.28.0

adobeflash_playerMatch9.0.31

adobeflash_playerMatch9.0.31.0

adobeflash_playerMatch9.0.45.0

adobeflash_playerMatch9.0.47.0

adobeflash_playerMatch9.0.48.0

adobeflash_playerMatch9.0.112.0

adobeflash_playerMatch9.0.114.0

adobeflash_playerMatch9.0.115.0

adobeflash_playerMatch9.0.124.0

adobeflash_playerMatch9.0.155.0

adobeflash_playerMatch9.0.159.0

adobeflash_playerMatch9.125.0

adobeflash_playerMatch10.0.0.584

adobeflash_playerMatch10.0.12.10

adobeflash_playerMatch10.0.12.36

adobeflash_playerMatch10.0.22.87

VendorProductVersionCPE
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
adobeadobe_air*cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*
adobeadobe_air1.0cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*
adobeadobe_air1.0.1cpe:2.3:a:adobe:adobe_air:1.0.1:*:*:*:*:*:*:*
adobeadobe_air1.1cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*
adobeadobe_air1.5.1cpe:2.3:a:adobe:adobe_air:1.5.1:*:*:*:*:*:*:*
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
adobeflash_player7.0cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*
adobeflash_player7.0.1cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*
adobeflash_player7.0.25cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	windows	*	cpe:2.3:o:microsoft:windows::::::::
adobe	adobe_air	*	cpe:2.3:a:adobe:adobe_air::::::::
adobe	adobe_air	1.0	cpe:2.3:a:adobe:adobe_air:1.0:::::::*
adobe	adobe_air	1.0.1	cpe:2.3:a:adobe:adobe_air:1.0.1:::::::*
adobe	adobe_air	1.1	cpe:2.3:a:adobe:adobe_air:1.1:::::::*
adobe	adobe_air	1.5.1	cpe:2.3:a:adobe:adobe_air:1.5.1:::::::*
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::::
adobe	flash_player	7.0	cpe:2.3:a:adobe:flash_player:7.0:::::::*
adobe	flash_player	7.0.1	cpe:2.3:a:adobe:flash_player:7.0.1:::::::*
adobe	flash_player	7.0.25	cpe:2.3:a:adobe:flash_player:7.0.25:::::::*