CVE-2009-0521

EPSS 0.25%
Veröffentlicht 26.02.2009 16:17:19
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Untrusted search path vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Linux allows local users to obtain sensitive information or gain privileges via a crafted library in a directory contained in the RPATH.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 13

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Adobe ≫ Flash Player For Linux Version <= 10.0.15.3

Linux ≫ Linux Kernel Version-

Adobe ≫ Flash Player For Linux Version10.0.12.36

Linux ≫ Linux Kernel Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.25%	0.452

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://secunia.com/advisories/34226

Broken Link

http://security.gentoo.org/glsa/glsa-200903-23.xml

Third Party Advisory

http://isc.sans.org/diary.html?storyid=5929

Third Party Advisory

http://www.adobe.com/support/security/bulletins/apsb09-01.html

Patch

Vendor Advisory

http://www.vupen.com/english/advisories/2009/0513

Patch

Vendor Advisory

Broken Link

http://rhn.redhat.com/errata/RHSA-2009-0332.html

Third Party Advisory

http://secunia.com/advisories/34012

Broken Link

https://bugzilla.redhat.com/show_bug.cgi?id=487144

Third Party Advisory

Issue Tracking

https://exchange.xforce.ibmcloud.com/vulnerabilities/48904

Third Party Advisory

VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6160

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2009-0521

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-0521

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-0521

EUVD