CVE-2009-1864
flash-plugin: multiple code execution flaws (APSB09-10)
Severity Score
8.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
Desbordamiento de búfer basado en memoria dinámica en Adobe Flash Player versiones anteriores a v9.0.246.0 y v10.x anteriores a v10.0.32.18, y Adobe AIR anteriores a v1.5.2, permite a atacantes remotos provocar una denegación de servicio (finalización de la aplicación) o posiblemente ejecutar código de su elección mediante vectores no especificados.
Remote exploitation of an invalid Loader object reference vulnerability in Adobe Systems Inc.'s Flash Player could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense has confirmed the existence of this vulnerability in latest Flash Player version 9.0.124.0. Previous versions may also be affected.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2009-06-01 CVE Reserved
- 2009-07-31 CVE Published
- 2024-08-07 CVE Updated
- 2025-06-10 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (20)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/36193 | Third Party Advisory | |
| http://secunia.com/advisories/36374 | Third Party Advisory | |
| http://secunia.com/advisories/36701 | Third Party Advisory | |
| http://support.apple.com/kb/HT3864 | X_refsource_confirm |
|
| http://support.apple.com/kb/HT3865 | X_refsource_confirm |
|
| http://www.adobe.com/support/security/bulletins/apsb09-13.html | X_refsource_confirm | |
| http://www.securitytracker.com/id?1022629 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/52184 | Vdb Entry | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16133 | Signature | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6660 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.securityfocus.com/bid/35890 | 2017-09-29 | |
| http://www.securityfocus.com/bid/35904 | 2017-09-29 | |
| http://www.vupen.com/english/advisories/2009/2086 | 2017-09-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Adobe Search vendor "Adobe" | Air Search vendor "Adobe" for product "Air" | <= 1.5.1 Search vendor "Adobe" for product "Air" and version " <= 1.5.1" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Air Search vendor "Adobe" for product "Air" | 1.0 Search vendor "Adobe" for product "Air" and version "1.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Air Search vendor "Adobe" for product "Air" | 1.01 Search vendor "Adobe" for product "Air" and version "1.01" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Air Search vendor "Adobe" for product "Air" | 1.1 Search vendor "Adobe" for product "Air" and version "1.1" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Air Search vendor "Adobe" for product "Air" | 1.5 Search vendor "Adobe" for product "Air" and version "1.5" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | <= 10.0.22.87 Search vendor "Adobe" for product "Flash Player" and version " <= 10.0.22.87" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 7.0 Search vendor "Adobe" for product "Flash Player" and version "7.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 7.0.1 Search vendor "Adobe" for product "Flash Player" and version "7.0.1" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 7.0.25 Search vendor "Adobe" for product "Flash Player" and version "7.0.25" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 7.0.63 Search vendor "Adobe" for product "Flash Player" and version "7.0.63" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 7.0.63 Search vendor "Adobe" for product "Flash Player" and version "7.0.63" | linux |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 7.0.69.0 Search vendor "Adobe" for product "Flash Player" and version "7.0.69.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 7.0.70.0 Search vendor "Adobe" for product "Flash Player" and version "7.0.70.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 7.1 Search vendor "Adobe" for product "Flash Player" and version "7.1" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 7.1.1 Search vendor "Adobe" for product "Flash Player" and version "7.1.1" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 7.2 Search vendor "Adobe" for product "Flash Player" and version "7.2" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 8.0 Search vendor "Adobe" for product "Flash Player" and version "8.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 8.0 Search vendor "Adobe" for product "Flash Player" and version "8.0" | basic |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 8.0 Search vendor "Adobe" for product "Flash Player" and version "8.0" | pro |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 8.0.24.0 Search vendor "Adobe" for product "Flash Player" and version "8.0.24.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 8.0.34.0 Search vendor "Adobe" for product "Flash Player" and version "8.0.34.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 8.0.35.0 Search vendor "Adobe" for product "Flash Player" and version "8.0.35.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 8.0.39.0 Search vendor "Adobe" for product "Flash Player" and version "8.0.39.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 9.0.16 Search vendor "Adobe" for product "Flash Player" and version "9.0.16" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 9.0.20 Search vendor "Adobe" for product "Flash Player" and version "9.0.20" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 9.0.20.0 Search vendor "Adobe" for product "Flash Player" and version "9.0.20.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 9.0.28 Search vendor "Adobe" for product "Flash Player" and version "9.0.28" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 9.0.28.0 Search vendor "Adobe" for product "Flash Player" and version "9.0.28.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 9.0.31.0 Search vendor "Adobe" for product "Flash Player" and version "9.0.31.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 9.0.45.0 Search vendor "Adobe" for product "Flash Player" and version "9.0.45.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 9.0.47.0 Search vendor "Adobe" for product "Flash Player" and version "9.0.47.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 9.0.48.0 Search vendor "Adobe" for product "Flash Player" and version "9.0.48.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 9.0.112.0 Search vendor "Adobe" for product "Flash Player" and version "9.0.112.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 9.0.114.0 Search vendor "Adobe" for product "Flash Player" and version "9.0.114.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 9.0.115.0 Search vendor "Adobe" for product "Flash Player" and version "9.0.115.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 9.0.124.0 Search vendor "Adobe" for product "Flash Player" and version "9.0.124.0" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 10.0.0.584 Search vendor "Adobe" for product "Flash Player" and version "10.0.0.584" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 10.0.12.10 Search vendor "Adobe" for product "Flash Player" and version "10.0.12.10" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 10.0.12.36 Search vendor "Adobe" for product "Flash Player" and version "10.0.12.36" | - |
Affected
| ||||||
| Adobe Search vendor "Adobe" | Flex Search vendor "Adobe" for product "Flex" | 3.0 Search vendor "Adobe" for product "Flex" and version "3.0" | - |
Affected
| ||||||