PRIOn knowledge basePRION:CVE-2009-0520Buffer overflow
8.3 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.41 Medium
EPSS
Percentile
97.2%
Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a βbuffer overflow issue.β
References
isc.sans.org/diary.html?storyid=5929
labs.idefense.com/intelligence/vulnerabilities/display.php?id=773
lists.apple.com/archives/security-announce/2009/May/msg00002.html
rhn.redhat.com/errata/RHSA-2009-0332.html
rhn.redhat.com/errata/RHSA-2009-0334.html
secunia.com/advisories/34012
secunia.com/advisories/34226
secunia.com/advisories/34293
secunia.com/advisories/35074
security.gentoo.org/glsa/glsa-200903-23.xml
securitytracker.com/id?1021750
sunsolve.sun.com/search/document.do?assetkey=1-66-254909-1
support.apple.com/kb/HT3549
www.adobe.com/support/security/bulletins/apsb09-01.html
www.securityfocus.com/bid/33880
www.us-cert.gov/cas/techalerts/TA09-133A.html
www.vupen.com/english/advisories/2009/0513
www.vupen.com/english/advisories/2009/0743
www.vupen.com/english/advisories/2009/1297
bugzilla.redhat.com/show_bug.cgi?id=487142
exchange.xforce.ibmcloud.com/vulnerabilities/48887
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16057
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6593
Related
8.3 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.41 Medium
EPSS
Percentile
97.2%