Lucene search

K
redhatRedHatRHSA-2009:0334
HistoryFeb 25, 2009 - 12:00 a.m.

(RHSA-2009:0334) Critical: flash-plugin security update

2009-02-2500:00:00
access.redhat.com
10

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.336 Low

EPSS

Percentile

96.6%

The flash-plugin package contains a Firefox-compatible Adobe Flash Player
Web browser plug-in.

Multiple input validation flaws were found in the way Flash Player
displayed certain SWF (Shockwave Flash) content. An attacker could use
these flaws to create a specially-crafted SWF file that could cause
flash-plugin to crash, or, possibly, execute arbitrary code when the victim
loaded a page containing the specially-crafted SWF content. (CVE-2009-0520,
CVE-2009-0519)

All users of Adobe Flash Player should install this updated package, which
upgrades Flash Player to version 9.0.159.0.

OSVersionArchitecturePackageVersionFilename
RedHat4i386flash-plugin< 9.0.159.0-1.el4flash-plugin-9.0.159.0-1.el4.i386.rpm

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.336 Low

EPSS

Percentile

96.6%