Executive Summary

Informations
NameCVE-2009-0519First vendor Publication2009-02-26
VendorCveLast vendor Modification2010-08-21

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthentificationNone Required
Calculate full CVSS 2.0 Vectors scores

Security Protection

ImpactsProvides administrator access : Allows complete confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service.

Detail

Unspecified vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a crafted Shockwave Flash (aka .swf) file.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0519

CWE : Common Weakness Enumeration

idName
CWE-20Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:6470
 
Oval ID: oval:org.mitre.oval:def:6470
Title: Adobe Flash Player Unspecified Remote Denial of Service Vulnerability
Description: Unspecified vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a crafted Shockwave Flash (aka .swf) file.
Family: windows Class: vulnerability
Reference(s): CVE-2009-0519
 Version: 4
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
 Product(s): Adobe Flash Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15837
 
Oval ID: oval:org.mitre.oval:def:15837
Title: Adobe Flash Player Unspecified Remote Denial of Service Vulnerability
Description: Unspecified vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a crafted Shockwave Flash (aka .swf) file.
Family: macos Class: vulnerability
Reference(s): CVE-2009-0519
 Version: 3
Platform(s): Apple Mac OS X
 Product(s): Adobe Flash Player
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Application35
Application1
Application1

Open Source Vulnerability Database (OSVDB)

idDescription
52748Adobe Flash Player Crafted SWF File Handling Arbitrary Code Execution

Internal Sources (Detail)

SourceUrl
APPLEhttp://lists.apple.com/archives/security-announce/2009/May/msg00002.html
BIDhttp://www.securityfocus.com/bid/33890
CERThttp://www.us-cert.gov/cas/techalerts/TA09-133A.html
CONFIRMhttp://support.apple.com/kb/HT3549
http://www.adobe.com/support/security/bulletins/apsb09-01.html
https://bugzilla.redhat.com/show_bug.cgi?id=487141
GENTOOhttp://security.gentoo.org/glsa/glsa-200903-23.xml
MISChttp://isc.sans.org/diary.html?storyid=5929
REDHAThttp://rhn.redhat.com/errata/RHSA-2009-0332.html
http://rhn.redhat.com/errata/RHSA-2009-0334.html
SECUNIAhttp://secunia.com/advisories/34012
http://secunia.com/advisories/34226
http://secunia.com/advisories/34293
http://secunia.com/advisories/35074
SUNALERThttp://sunsolve.sun.com/search/document.do?assetkey=1-66-254909-1
VUPENhttp://www.vupen.com/english/advisories/2009/0513
http://www.vupen.com/english/advisories/2009/0743
http://www.vupen.com/english/advisories/2009/1297
XFhttp://xforce.iss.net/xforce/xfdb/48900

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2013-05-10 23:43:54
  • Multiple Updates