9.3
CVSSv2

CVE-2009-0520

Published: 26/02/2009 Updated: 29/09/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 935
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Adobe Flash Player 9.x prior to 9.0.159.0 and 10.x prior to 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote malicious users to execute arbitrary code via a crafted file, related to a "buffer overflow issue."

Vulnerable Product Search on Vulmon Subscribe to Product

adobe flash player 9.0.48.0

adobe flash player 8.0.24.0

adobe flash player for linux

adobe air 1.5

adobe flash player 7.1.1

adobe flash player 9.0.124.0

adobe flash player 9.0.47.0

adobe flash player 7.0.63

adobe flash player 7.0.70.0

adobe flash player 8.0.35.0

adobe flash player 9.0.114.0

adobe flash player 8.0

adobe flash player 9.0.20.0

adobe flash player 9.0.31.0

adobe flash player 9.0.112.0

adobe flash player 9.0.16

adobe flash player 10.0.0.584

adobe flash player 9.0.28.0

adobe flash player 7.0.69.0

adobe flash player 9.0.28

adobe flash player 9.0.45.0

adobe flex 3.0

adobe flash player 7.0

adobe flash player cs3

adobe flash player 7.2

adobe flash player 9.0.115.0

adobe flash player 7.0.25

adobe flash player 8.0.39.0

adobe flash player cs4

adobe flash player

adobe flash player 8.0.34.0

adobe flash player 7.1

adobe flash player 10.0.12.10

adobe flash player 9.0.20

adobe flash player 7.0.1

Vendor Advisories

Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An updated Adobe Flash Player package that fixes several security issues isnow available for Red Hat Enterprise Linux 3 and 4 ExtrasThis update has been rated as having critical security impact by the RedHat Sec ...
Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An updated Adobe Flash Player package that fixes several security issues isnow available for Red Hat Enterprise Linux 5 SupplementaryThis update has been rated as having critical security impact by the RedHat Se ...

Exploits

source: wwwsecurityfocuscom/bid/33880/info Adobe Flash Player is prone to a remote code-execution vulnerability An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application Failed exploit attempts will likely crash the application, denying service to legitimate users Versions pr ...