4.9
CVE-2009-1870
- EPSS 0.19%
- Published 31.07.2009 19:30:00
- Last modified 09.04.2025 00:30:58
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability."
Data is provided by the National Vulnerability Database (NVD)
Adobe ≫ Flash Player Version <= 10.0.22.87
Adobe ≫ Flash Player Version7.0
Adobe ≫ Flash Player Version7.0.1
Adobe ≫ Flash Player Version7.0.25
Adobe ≫ Flash Player Version7.0.63
Adobe ≫ Flash Player Version7.0.63 Editionlinux
Adobe ≫ Flash Player Version7.0.69.0
Adobe ≫ Flash Player Version7.0.70.0
Adobe ≫ Flash Player Version7.1
Adobe ≫ Flash Player Version7.1.1
Adobe ≫ Flash Player Version7.2
Adobe ≫ Flash Player Version8.0
Adobe ≫ Flash Player Version8.0 Editionbasic
Adobe ≫ Flash Player Version8.0 Editionpro
Adobe ≫ Flash Player Version8.0.24.0
Adobe ≫ Flash Player Version8.0.34.0
Adobe ≫ Flash Player Version8.0.35.0
Adobe ≫ Flash Player Version8.0.39.0
Adobe ≫ Flash Player Version9.0.16
Adobe ≫ Flash Player Version9.0.20
Adobe ≫ Flash Player Version9.0.20.0
Adobe ≫ Flash Player Version9.0.28
Adobe ≫ Flash Player Version9.0.28.0
Adobe ≫ Flash Player Version9.0.31.0
Adobe ≫ Flash Player Version9.0.45.0
Adobe ≫ Flash Player Version9.0.47.0
Adobe ≫ Flash Player Version9.0.48.0
Adobe ≫ Flash Player Version9.0.112.0
Adobe ≫ Flash Player Version9.0.114.0
Adobe ≫ Flash Player Version9.0.115.0
Adobe ≫ Flash Player Version9.0.124.0
Adobe ≫ Flash Player Version10.0.0.584
Adobe ≫ Flash Player Version10.0.12.10
Adobe ≫ Flash Player Version10.0.12.36
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.19% | 0.409 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 4.9 | 3.9 | 6.9 |
AV:L/AC:L/Au:N/C:C/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.