CVE-2009-0519

EPSS 19.21%
Published 26.02.2009 16:17:19
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Unspecified vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a crafted Shockwave Flash (aka .swf) file.

Affected products Warnungen 0 Metrics 2 CWE 1 References 24

Data is provided by the National Vulnerability Database (NVD)

Adobe ≫ Air Version1.5

Adobe ≫ Flash Player Version <= 10.0.12.36

Adobe ≫ Flash Player Version7.0

Adobe ≫ Flash Player Version7.0.1

Adobe ≫ Flash Player Version7.0.25

Adobe ≫ Flash Player Version7.0.63

Adobe ≫ Flash Player Version7.0.63 Editionlinux

Adobe ≫ Flash Player Version7.0.69.0

Adobe ≫ Flash Player Version7.0.70.0

Adobe ≫ Flash Player Version7.1

Adobe ≫ Flash Player Version7.1.1

Adobe ≫ Flash Player Version7.2

Adobe ≫ Flash Player Version8.0

Adobe ≫ Flash Player Version8.0 Editionbasic

Adobe ≫ Flash Player Version8.0 Editionpro

Adobe ≫ Flash Player Version8.0.24.0

Adobe ≫ Flash Player Version8.0.34.0

Adobe ≫ Flash Player Version8.0.35.0

Adobe ≫ Flash Player Version8.0.39.0

Adobe ≫ Flash Player Version9.0.16

Adobe ≫ Flash Player Version9.0.20

Adobe ≫ Flash Player Version9.0.20.0

Adobe ≫ Flash Player Version9.0.28

Adobe ≫ Flash Player Version9.0.28.0

Adobe ≫ Flash Player Version9.0.31.0

Adobe ≫ Flash Player Version9.0.45.0

Adobe ≫ Flash Player Version9.0.47.0

Adobe ≫ Flash Player Version9.0.48.0

Adobe ≫ Flash Player Version9.0.112.0

Adobe ≫ Flash Player Version9.0.114.0

Adobe ≫ Flash Player Version9.0.115.0

Adobe ≫ Flash Player Version9.0.124.0

Adobe ≫ Flash Player Version10.0.0.584

Adobe ≫ Flash Player Version10.0.12.10

Adobe ≫ Flash Player Versioncs3 Editionpro

Adobe ≫ Flash Player Versioncs4 Editionpro

Adobe ≫ Flash Player For Linux Version <= 10.0.15.3

Adobe ≫ Flex Version3.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	19.21%	0.951

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

http://secunia.com/advisories/35074

http://support.apple.com/kb/HT3549

http://www.us-cert.gov/cas/techalerts/TA09-133A.html

US Government Resource

http://www.vupen.com/english/advisories/2009/1297

http://secunia.com/advisories/34226

http://security.gentoo.org/glsa/glsa-200903-23.xml

http://isc.sans.org/diary.html?storyid=5929

http://secunia.com/advisories/34293

http://sunsolve.sun.com/search/document.do?assetkey=1-66-254909-1

http://www.adobe.com/support/security/bulletins/apsb09-01.html