9.3
CVE-2009-0519
- EPSS 14.76%
- Veröffentlicht 26.02.2009 16:17:19
- Zuletzt bearbeitet 16.06.2026 23:05:12
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Unspecified vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a crafted Shockwave Flash (aka .swf) file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Flash Player Version <= 10.0.12.36
Adobe ≫ Flash Player Version7.0
Adobe ≫ Flash Player Version7.0.1
Adobe ≫ Flash Player Version7.0.25
Adobe ≫ Flash Player Version7.0.63
Adobe ≫ Flash Player Version7.0.63 Editionlinux
Adobe ≫ Flash Player Version7.0.69.0
Adobe ≫ Flash Player Version7.0.70.0
Adobe ≫ Flash Player Version7.1
Adobe ≫ Flash Player Version7.1.1
Adobe ≫ Flash Player Version7.2
Adobe ≫ Flash Player Version8.0
Adobe ≫ Flash Player Version8.0 Editionbasic
Adobe ≫ Flash Player Version8.0 Editionpro
Adobe ≫ Flash Player Version8.0.24.0
Adobe ≫ Flash Player Version8.0.34.0
Adobe ≫ Flash Player Version8.0.35.0
Adobe ≫ Flash Player Version8.0.39.0
Adobe ≫ Flash Player Version9.0.16
Adobe ≫ Flash Player Version9.0.20
Adobe ≫ Flash Player Version9.0.20.0
Adobe ≫ Flash Player Version9.0.28
Adobe ≫ Flash Player Version9.0.28.0
Adobe ≫ Flash Player Version9.0.31.0
Adobe ≫ Flash Player Version9.0.45.0
Adobe ≫ Flash Player Version9.0.47.0
Adobe ≫ Flash Player Version9.0.48.0
Adobe ≫ Flash Player Version9.0.112.0
Adobe ≫ Flash Player Version9.0.114.0
Adobe ≫ Flash Player Version9.0.115.0
Adobe ≫ Flash Player Version9.0.124.0
Adobe ≫ Flash Player Version10.0.0.584
Adobe ≫ Flash Player Version10.0.12.10
Adobe ≫ Flash Player Versioncs3 Editionpro
Adobe ≫ Flash Player Versioncs4 Editionpro
Adobe ≫ Flash Player For Linux Version <= 10.0.15.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 14.76% | 0.962 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://secunia.com/advisories/35074
http://support.apple.com/kb/HT3549
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
http://www.vupen.com/english/advisories/2009/1297
http://secunia.com/advisories/34226
http://security.gentoo.org/glsa/glsa-200903-23.xml
http://isc.sans.org/diary.html?storyid=5929
http://secunia.com/advisories/34293
http://sunsolve.sun.com/search/document.do?assetkey=1-66-254909-1
http://www.adobe.com/support/security/bulletins/apsb09-01.html
http://www.vupen.com/english/advisories/2009/0513
http://www.vupen.com/english/advisories/2009/0743
http://rhn.redhat.com/errata/RHSA-2009-0332.html
http://rhn.redhat.com/errata/RHSA-2009-0334.html
http://secunia.com/advisories/34012
http://www.securityfocus.com/bid/33890
https://bugzilla.redhat.com/show_bug.cgi?id=487141
https://exchange.xforce.ibmcloud.com/vulnerabilities/48900
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15837
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6470