9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.336 Low
EPSS
Percentile
96.6%
The flash-plugin package contains a Firefox-compatible Adobe Flash Player
Web browser plug-in.
Multiple input validation flaws were found in the way Flash Player
displayed certain SWF (Shockwave Flash) content. An attacker could use
these flaws to create a specially-crafted SWF file that could cause
flash-plugin to crash, or, possibly, execute arbitrary code when the victim
loaded a page containing the specially-crafted SWF content. (CVE-2009-0520,
CVE-2009-0519)
All users of Adobe Flash Player should install this updated package, which
upgrades Flash Player to version 9.0.159.0.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 4 | i386 | flash-plugin | < 9.0.159.0-1.el4 | flash-plugin-9.0.159.0-1.el4.i386.rpm |