CVE-2009-1862
Adobe Acrobat and Reader, Flash Player Unspecified Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
YesDecision
Descriptions
Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009.
Vulnerabilidad sin especificar en Adobe Reader , Acrobat de la v9.x a la v9.1.2 y Adobe Flash Player v9.x a la v9.0.159.0 y v10.x a la v10.0.22.87, permite a atacantes remotos ejecutar código de su elección a través de (1)una aplicación flash manipulada en un archivo .pdf o (2) un archivo .swf. Relacionado con el authplay.dll, como se ha explotado públicamente en julio del 2009.
Adobe Acrobat and Reader and Adobe Flash Player allows remote attackers to execute code or cause denial-of-service (DoS).
CVSS Scores
SSVC
- Decision:-
Timeline
- 2009-06-01 CVE Reserved
- 2009-07-23 CVE Published
- 2022-06-08 Exploited in Wild
- 2022-06-22 KEV Due Date
- 2024-06-29 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- First Exploit
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (22)
| URL | Tag | Source |
|---|---|---|
| http://bugs.adobe.com/jira/browse/FP-1265 | Broken Link | |
| http://isc.sans.org/diary.html?storyid=6847 | Not Applicable | |
| http://news.cnet.com/8301-27080_3-10293389-245.html | Broken Link | |
| http://secunia.com/advisories/36193 | Broken Link | |
| http://secunia.com/advisories/36374 | Broken Link | |
| http://secunia.com/advisories/36701 | Broken Link | |
| http://support.apple.com/kb/HT3864 | Third Party Advisory |
|
| http://support.apple.com/kb/HT3865 | Third Party Advisory |
|
| http://www.adobe.com/support/security/bulletins/apsb09-10.html | Not Applicable | |
| http://www.adobe.com/support/security/bulletins/apsb09-13.html | Not Applicable | |
| http://www.kb.cert.org/vuls/id/259425 | Third Party Advisory |
|
| http://www.securityfocus.com/bid/35759 | Broken Link | |
| http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-072209-2512-99 | Broken Link | |
| http://www.symantec.com/connect/blogs/next-generation-flash-vulnerability | Broken Link |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Adobe Search vendor "Adobe" | Acrobat Search vendor "Adobe" for product "Acrobat" | >= 9.0 <= 9.1.2 Search vendor "Adobe" for product "Acrobat" and version " >= 9.0 <= 9.1.2" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Acrobat Reader Search vendor "Adobe" for product "Acrobat Reader" | >= 9.0 <= 9.1.2 Search vendor "Adobe" for product "Acrobat Reader" and version " >= 9.0 <= 9.1.2" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 9.0 <= 9.0.159.0 Search vendor "Adobe" for product "Flash Player" and version " >= 9.0 <= 9.0.159.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | >= 10.0 <= 10.0.22.87 Search vendor "Adobe" for product "Flash Player" and version " >= 10.0 <= 10.0.22.87" | - |
Affected
| ||||||