9.3 - GLSA-200908-04

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	Adobe products: Multiple vulnerabilities

Informations
Name	GLSA-200908-04	First vendor Publication	2009-08-07
Vendor	Gentoo	Last vendor Modification	2009-08-07
Severity (Vendor)	Normal	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

Multiple vulnerabilities in Adobe Reader and Adobe Flash Player allow for attacks including the remote execution of arbitrary code.

Background

Adobe Flash Player is a closed-source playback software for Flash SWF files. Adobe Reader is a closed-source PDF reader that plays Flash content as well.

Description

Multiple vulnerabilities have been reported in Adobe Flash Player:

* lakehu of Tencent Security Center reported an unspecified memory corruption vulnerability (CVE-2009-1862).

* Mike Wroe reported an unspecified vulnerability, related to "privilege escalation" (CVE-2009-1863).

* An anonymous researcher through iDefense reported an unspecified heap-based buffer overflow (CVE-2009-1864).

* Chen Chen of Venustech reported an unspecified "null pointer vulnerability" (CVE-2009-1865).

* Chen Chen of Venustech reported an unspecified stack-based buffer overflow (CVE-2009-1866).

* Joran Benker reported that Adobe Flash Player facilitates "clickjacking" attacks (CVE-2009-1867).

* Jun Mao of iDefense reported a heap-based buffer overflow, related to URL parsing (CVE-2009-1868).

* Roee Hay of IBM Rational Application Security reported an unspecified integer overflow (CVE-2009-1869).

* Gareth Heyes and Microsoft Vulnerability Research reported that the sandbox in Adobe Flash Player allows for information disclosure, when "SWFs are saved to the hard drive" (CVE-2009-1870).

Impact

A remote attacker could entice a user to open a specially crafted PDF file or web site containing Adobe Flash (SWF) contents, possibly resulting in the execution of arbitrary code with the privileges of the user running the application, or a Denial of Service (application crash). Furthermore, a remote attacker could trick a user into clicking a button on a dialog by supplying a specially crafted SWF file and disclose sensitive information by exploiting a sandbox issue.

Workaround

There is no known workaround at this time.

Resolution

All Adobe Flash Player users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.0.32.18"

All Adobe Reader users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-text/acroread-9.1.3"

References

[ 1 ] CVE-2009-1862 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1862
[ 2 ] CVE-2009-1863 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1863
[ 3 ] CVE-2009-1864 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1864
[ 4 ] CVE-2009-1865 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1865
[ 5 ] CVE-2009-1866 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1866
[ 6 ] CVE-2009-1867 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1867
[ 7 ] CVE-2009-1868 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1868
[ 8 ] CVE-2009-1869 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1869
[ 9 ] CVE-2009-1870 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1870

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200908-04.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-200908-04.xml

CWE : Common Weakness Enumeration

%	Id	Name
38 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
12 %	CWE-264	Permissions, Privileges, and Access Controls
12 %	CWE-200	Information Exposure
12 %	CWE-189	Numeric Errors (CWE/SANS Top 25)
12 %	CWE-94	Failure to Control Generation of Code ('Code Injection')
12 %	CWE-59	Improper Link Resolution Before File Access ('Link Following')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15430

Oval ID:	oval:org.mitre.oval:def:15430
Title:	Adobe Flash Player and AIR Unspecified Clickjacking Vulnerability
Description:	Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "clickjacking vulnerability."
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2009-1867	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18 installed Adobe Flash Player is Installed AND Flash version is before 9.0.246.0 or 10.x before 10.0.32.18 Version of Adobe Flash Player is less than 9.0.246.0 OR Adobe Flash Player 10.x before 10.0.32.18 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.0.32.18 OR Adobe AIR before 1.5.2 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 1.5.2

Definition Id: oval:org.mitre.oval:def:15887

Oval ID:	oval:org.mitre.oval:def:15887
Title:	Adobe Flash Player and AIR Sandbox Bypass Information Disclosure Vulnerability
Description:	Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability."
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2009-1870	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18 installed Adobe Flash Player is Installed AND Flash version is before 9.0.246.0 or 10.x before 10.0.32.18 Version of Adobe Flash Player is less than 9.0.246.0 OR Adobe Flash Player 10.x before 10.0.32.18 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.0.32.18 OR Adobe AIR before 1.5.2 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 1.5.2

Definition Id: oval:org.mitre.oval:def:15955

Oval ID:	oval:org.mitre.oval:def:15955
Title:	Adobe Flash Player and AIR URI Parsing Heap Buffer Overflow Vulnerability
Description:	Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving URL parsing.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2009-1868	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18 installed Adobe Flash Player is Installed AND Flash version is before 9.0.246.0 or 10.x before 10.0.32.18 Version of Adobe Flash Player is less than 9.0.246.0 OR Adobe Flash Player 10.x before 10.0.32.18 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.0.32.18 OR Adobe AIR before 1.5.2 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 1.5.2

Definition Id: oval:org.mitre.oval:def:15994

Oval ID:	oval:org.mitre.oval:def:15994
Title:	Adobe Flash Player and AIR 'intf_count' Integer Overflow Vulnerability
Description:	Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a large intrf_count value that triggers a dereference of an out-of-bounds pointer.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2009-1869	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18 installed Adobe Flash Player is Installed AND Flash version is before 9.0.246.0 or 10.x before 10.0.32.18 Version of Adobe Flash Player is less than 9.0.246.0 OR Adobe Flash Player 10.x before 10.0.32.18 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.0.32.18 OR Adobe AIR before 1.5.2 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 1.5.2

Definition Id: oval:org.mitre.oval:def:16133

Oval ID:	oval:org.mitre.oval:def:16133
Title:	Adobe Flash Player and AIR Loader Object Heap Memory Corruption Vulnerability
Description:	Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2009-1864	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18 installed Adobe Flash Player is Installed AND Flash version is before 9.0.246.0 or 10.x before 10.0.32.18 Version of Adobe Flash Player is less than 9.0.246.0 OR Adobe Flash Player 10.x before 10.0.32.18 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.0.32.18 OR Adobe AIR before 1.5.2 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 1.5.2

Definition Id: oval:org.mitre.oval:def:16198

Oval ID:	oval:org.mitre.oval:def:16198
Title:	Adobe Flash Player and AIR Stack Buffer Overflow Vulnerability
Description:	Stack-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2009-1866	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18 installed Adobe Flash Player is Installed AND Flash version is before 9.0.246.0 or 10.x before 10.0.32.18 Version of Adobe Flash Player is less than 9.0.246.0 OR Adobe Flash Player 10.x before 10.0.32.18 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.0.32.18 OR Adobe AIR before 1.5.2 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 1.5.2

Definition Id: oval:org.mitre.oval:def:16338

Oval ID:	oval:org.mitre.oval:def:16338
Title:	Adobe Flash Player and AIR NULL Pointer Exception Remote Code Execution Vulnerability
Description:	Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, related to a "null pointer vulnerability."
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2009-1865	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18 installed Adobe Flash Player is Installed AND Flash version is before 9.0.246.0 or 10.x before 10.0.32.18 Version of Adobe Flash Player is less than 9.0.246.0 OR Adobe Flash Player 10.x before 10.0.32.18 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.0.32.18 OR Adobe AIR before 1.5.2 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 1.5.2

Definition Id: oval:org.mitre.oval:def:16391

Oval ID:	oval:org.mitre.oval:def:16391
Title:	Adobe Flash Player and AIR Unspecified Privilege Escalation Vulnerability
Description:	Unspecified vulnerability in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to a "privilege escalation vulnerability."
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2009-1863	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18 installed Adobe Flash Player is Installed AND Flash version is before 9.0.246.0 or 10.x before 10.0.32.18 Version of Adobe Flash Player is less than 9.0.246.0 OR Adobe Flash Player 10.x before 10.0.32.18 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.0.32.18 OR Adobe AIR before 1.5.2 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 1.5.2

Definition Id: oval:org.mitre.oval:def:22658

Oval ID:	oval:org.mitre.oval:def:22658
Title:	ELSA-2009:1188: flash-plugin security update (Critical)
Description:	Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability."
Family:	unix	Class:	patch
Reference(s):	ELSA-2009:1188-01 CVE-2009-1862 CVE-2009-1863 CVE-2009-1864 CVE-2009-1865 CVE-2009-1866 CVE-2009-1867 CVE-2009-1868 CVE-2009-1869 CVE-2009-1870	Version:	41
Platform(s):	Oracle Linux 5	Product(s):	flash-plugin
Definition Synopsis:
Oracle Linux 5.x AND flash-plugin is earlier than 0:10.0.32.18-2.el5

Definition Id: oval:org.mitre.oval:def:6648

Oval ID:	oval:org.mitre.oval:def:6648
Title:	Adobe Flash Player and AIR Sandbox Bypass Information Disclosure Vulnerability
Description:	Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-1870	Version:	12
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Adobe AIR version is less than 1.5.2 OR Vulnerable version of Adobe Flash Player 10 Adobe Flash Player 10 is installed AND Adobe Flash Player version is less than 10.0.32.18 OR Vulnerable version of Adobe Flash Player 9 Adobe Flash Player 9 is installed AND Adobe Flash Player version is less than 9.0.246.0 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Determine if the version of Flash.ocx is less than 10.0.32.18 AND Determine if the version of Flash.ocx is less than 9.0.246.0

Definition Id: oval:org.mitre.oval:def:6660

Oval ID:	oval:org.mitre.oval:def:6660
Title:	Adobe Flash Player and AIR Loader Object Heap Memory Corruption Vulnerability
Description:	Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-1864	Version:	12
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Adobe AIR version is less than 1.5.2 OR Vulnerable version of Adobe Flash Player 10 Adobe Flash Player 10 is installed AND Adobe Flash Player version is less than 10.0.32.18 OR Vulnerable version of Adobe Flash Player 9 Adobe Flash Player 9 is installed AND Adobe Flash Player version is less than 9.0.246.0 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Determine if the version of Flash.ocx is less than 10.0.32.18 AND Determine if the version of Flash.ocx is less than 9.0.246.0

Definition Id: oval:org.mitre.oval:def:6694

Oval ID:	oval:org.mitre.oval:def:6694
Title:	Adobe Flash Player and AIR Unspecified Clickjacking Vulnerability
Description:	Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "clickjacking vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-1867	Version:	12
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Adobe AIR version is less than 1.5.2 OR Vulnerable version of Adobe Flash Player 10 Adobe Flash Player 10 is installed AND Adobe Flash Player version is less than 10.0.32.18 OR Vulnerable version of Adobe Flash Player 9 Adobe Flash Player 9 is installed AND Adobe Flash Player version is less than 9.0.246.0 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Determine if the version of Flash.ocx is less than 10.0.32.18 AND Determine if the version of Flash.ocx is less than 9.0.246.0

Definition Id: oval:org.mitre.oval:def:6865

Oval ID:	oval:org.mitre.oval:def:6865
Title:	Adobe Flash Player and AIR URI Parsing Heap Buffer Overflow Vulnerability
Description:	Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving URL parsing.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-1868	Version:	12
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Adobe AIR version is less than 1.5.2 OR Vulnerable version of Adobe Flash Player 10 Adobe Flash Player 10 is installed AND Adobe Flash Player version is less than 10.0.32.18 OR Vulnerable version of Adobe Flash Player 9 Adobe Flash Player 9 is installed AND Adobe Flash Player version is less than 9.0.246.0 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Determine if the version of Flash.ocx is less than 10.0.32.18 AND Determine if the version of Flash.ocx is less than 9.0.246.0

Definition Id: oval:org.mitre.oval:def:6961

Oval ID:	oval:org.mitre.oval:def:6961
Title:	Adobe Flash Player and AIR Unspecified Privilege Escalation Vulnerability
Description:	Unspecified vulnerability in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to a "privilege escalation vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-1863	Version:	12
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Adobe AIR version is less than 1.5.2 OR Vulnerable version of Adobe Flash Player 10 Adobe Flash Player 10 is installed AND Adobe Flash Player version is less than 10.0.32.18 OR Vulnerable version of Adobe Flash Player 9 Adobe Flash Player 9 is installed AND Adobe Flash Player version is less than 9.0.246.0 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Determine if the version of Flash.ocx is less than 10.0.32.18 AND Determine if the version of Flash.ocx is less than 9.0.246.0

Definition Id: oval:org.mitre.oval:def:6998

Oval ID:	oval:org.mitre.oval:def:6998
Title:	Adobe Flash Player and AIR 'intf_count' Integer Overflow Vulnerability
Description:	Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a large intrf_count value that triggers a dereference of an out-of-bounds pointer.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-1869	Version:	12
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Adobe AIR version is less than 1.5.2 OR Vulnerable version of Adobe Flash Player 10 Adobe Flash Player 10 is installed AND Adobe Flash Player version is less than 10.0.32.18 OR Vulnerable version of Adobe Flash Player 9 Adobe Flash Player 9 is installed AND Adobe Flash Player version is less than 9.0.246.0 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Determine if the version of Flash.ocx is less than 10.0.32.18 AND Determine if the version of Flash.ocx is less than 9.0.246.0

Definition Id: oval:org.mitre.oval:def:7011

Oval ID:	oval:org.mitre.oval:def:7011
Title:	Adobe Flash Player and AIR NULL Pointer Exception Remote Code Execution Vulnerability
Description:	Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, related to a "null pointer vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-1865	Version:	12
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Adobe AIR version is less than 1.5.2 OR Vulnerable version of Adobe Flash Player 10 Adobe Flash Player 10 is installed AND Adobe Flash Player version is less than 10.0.32.18 OR Vulnerable version of Adobe Flash Player 9 Adobe Flash Player 9 is installed AND Adobe Flash Player version is less than 9.0.246.0 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Determine if the version of Flash.ocx is less than 10.0.32.18 AND Determine if the version of Flash.ocx is less than 9.0.246.0

Definition Id: oval:org.mitre.oval:def:7271

Oval ID:	oval:org.mitre.oval:def:7271
Title:	Adobe Flash Player and AIR Stack Buffer Overflow Vulnerability
Description:	Stack-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-1866	Version:	12
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Adobe AIR version is less than 1.5.2 OR Vulnerable version of Adobe Flash Player 10 Adobe Flash Player 10 is installed AND Adobe Flash Player version is less than 10.0.32.18 OR Vulnerable version of Adobe Flash Player 9 Adobe Flash Player 9 is installed AND Adobe Flash Player version is less than 9.0.246.0 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Determine if the version of Flash.ocx is less than 10.0.32.18 AND Determine if the version of Flash.ocx is less than 9.0.246.0

CPE : Common Platform Enumeration

Type	Description	Count
Application	Adobe Acrobat cpe:2.3:a:adobe:acrobat:9.1.2:::::::* cpe:2.3:a:adobe:acrobat:9.1.1:::::::* cpe:2.3:a:adobe:acrobat:9.1:::::::* cpe:2.3:a:adobe:acrobat:9.0:::::::*	4
Application	Adobe Acrobat Reader cpe:2.3:a:adobe:acrobat_reader:9.1.2:::::::* cpe:2.3:a:adobe:acrobat_reader:9.1.1:::::::* cpe:2.3:a:adobe:acrobat_reader:9.1:::::::* cpe:2.3:a:adobe:acrobat_reader:9.0:::::::*	4
Application	Adobe Air cpe:2.3:a:adobe:air:1.5.1:::::::* cpe:2.3:a:adobe:air:1.5:::::::* cpe:2.3:a:adobe:air:1.1:::::::* cpe:2.3:a:adobe:air:1.01:::::::* cpe:2.3:a:adobe:air:1.0:::::::* cpe:2.3:a:adobe:air::::::::	6
Application	Adobe Flash Player cpe:2.3:a:adobe:flash_player:10.0.22.87:::::::* cpe:2.3:a:adobe:flash_player:10.0.2.54:::::::* cpe:2.3:a:adobe:flash_player:10.0.15.3:::::::* cpe:2.3:a:adobe:flash_player:10.0.12.36:::::::* cpe:2.3:a:adobe:flash_player:10.0.12.10:::::::* cpe:2.3:a:adobe:flash_player:10.0.0.584:::::::* cpe:2.3:a:adobe:flash_player:10:::::::* cpe:2.3:a:adobe:flash_player:9.125.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.9.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.8.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.48.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.47.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.45.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.31.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.31:::::::* cpe:2.3:a:adobe:flash_player:9.0.283.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.280:::::::* cpe:2.3:a:adobe:flash_player:9.0.28.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.28.0::mac_os_x::::: cpe:2.3:a:adobe:flash_player:9.0.28:::::::* cpe:2.3:a:adobe:flash_player:9.0.277.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.262.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.260.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.246.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.20.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.20:::::::* cpe:2.3:a:adobe:flash_player:9.0.18d60:::::::* cpe:2.3:a:adobe:flash_player:9.0.16.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.16:::::::* cpe:2.3:a:adobe:flash_player:9.0.16::windows::::: cpe:2.3:a:adobe:flash_player:9.0.159.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.155.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.152.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.151.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.125.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.124.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.115.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.114.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.112.0:::::::* cpe:2.3:a:adobe:flash_player:9.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.42.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.39.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.35.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.34.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.33.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.24.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.22.0:::::::* cpe:2.3:a:adobe:flash_player:8.0:::::::* cpe:2.3:a:adobe:flash_player:8.0::pro::::: cpe:2.3:a:adobe:flash_player:8.0::basic::::: cpe:2.3:a:adobe:flash_player:8::professional::::: cpe:2.3:a:adobe:flash_player:8::pro::::: cpe:2.3:a:adobe:flash_player:7.2:::::::* cpe:2.3:a:adobe:flash_player:7.1.1:::::::* cpe:2.3:a:adobe:flash_player:7.1:::::::* cpe:2.3:a:adobe:flash_player:7.0.73.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.70.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.69.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.68.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.67.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.66.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.63:::::::* cpe:2.3:a:adobe:flash_player:7.0.63::linux::::: cpe:2.3:a:adobe:flash_player:7.0.61.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.60.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.53.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.25:::::::* cpe:2.3:a:adobe:flash_player:7.0.24.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.19.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.14.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.1:::::::* cpe:2.3:a:adobe:flash_player:7.0_r67::solaris::::: cpe:2.3:a:adobe:flash_player:7.0_r67:::::::* cpe:2.3:a:adobe:flash_player:7.0:::::::* cpe:2.3:a:adobe:flash_player:6.0.79:::::::* cpe:2.3:a:adobe:flash_player:6.0.21.0:::::::* cpe:2.3:a:adobe:flash_player:6:::::::* cpe:2.3:a:adobe:flash_player:5:::::::* cpe:2.3:a:adobe:flash_player:4:::::::* cpe:2.3:a:adobe:flash_player:3:::::::* cpe:2.3:a:adobe:flash_player:2:::::::* cpe:2.3:a:adobe:flash_player:mx_2004:::::::* cpe:2.3:a:adobe:flash_player:cs4::pro::::: cpe:2.3:a:adobe:flash_player:cs3::pro::::: cpe:2.3:a:adobe:flash_player:cs3::professional::::: cpe:2.3:a:adobe:flash_player:::::::: cpe:2.3:a:adobe:flash_player:::basic:::::* cpe:2.3:a:adobe:flash_player:::pro:::::* cpe:2.3:a:adobe:flash_player::::::edge::* cpe:2.3:a:adobe:flash_player::::::internet_explorer_11::* cpe:2.3:a:adobe:flash_player::::::chrome::* cpe:2.3:a:adobe:flash_player:-:::::::*	92
Application	Adobe Flex cpe:2.3:a:adobe:flex:3.0:::::::*	1

SAINT Exploits

Description	Link
Adobe Flash Player authplay.dll vulnerability	More info here

OpenVAS Exploits

Date	Description
2010-05-12	Name : Mac OS X Security Update 2009-005 File : nvt/macosx_secupd_2009-005.nasl
2010-05-12	Name : Mac OS X 10.6.1 Update File : nvt/macosx_upd_10_6_1.nasl
2009-08-17	Name : RedHat Security Advisory RHSA-2009:1188 File : nvt/RHSA_2009_1188.nasl
2009-08-17	Name : RedHat Security Advisory RHSA-2009:1189 File : nvt/RHSA_2009_1189.nasl
2009-08-17	Name : Gentoo Security Advisory GLSA 200908-04 (adobe-flash acroread) File : nvt/glsa_200908_04.nasl
2009-08-06	Name : Adobe Flash Player/Air Multiple DoS Vulnerabilities - Aug09 (Linux) File : nvt/gb_adobe_prdts_mult_dos_vuln_aug09_lin.nasl
2009-08-06	Name : Adobe Flash Player/Air Multiple DoS Vulnerabilities - Aug09 (Win) File : nvt/gb_adobe_prdts_mult_dos_vuln_aug09_win.nasl
2009-07-29	Name : Adobe Products '.pdf' and '.swf' Code Execution Vulnerability - July09 (Linux) File : nvt/secpod_adobe_prdts_code_exec_vuln_jul09_lin.nasl
2009-07-29	Name : Adobe Products '.pdf' and '.swf' Code Execution Vulnerability - July09 (Win) File : nvt/secpod_adobe_prdts_code_exec_vuln_jul09_win.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
56778	Adobe Multiple Products SWF File Saving Unspecified Information Disclosure
56777	Adobe Multiple Products AVM2 intf_count Integer Overflow
56776	Adobe Multiple Products URL Parsing Heap-based Overflow
56775	Adobe Multiple Products Unspecified Clickjacking
56774	Adobe Multiple Products Unspecified Stack-based Overflow
56773	Adobe Multiple Products Unspecified Null Pointer Arbitrary Code Execution
56772	Adobe Multiple Products Shockwave Flash Processing Object Re-use Arbitrary Co...
56771	Adobe Flash Player on Mac OS X Unspecified Local Privilege Escalation
56282	Adobe Multiple Products Flash Handling Unspecified Arbitrary Code Execution

Snort® IPS/IDS

Date	Description
2014-01-10	Adobe Flash Player remote code execution attempt RuleID : 28661 - Revision : 5 - Type : FILE-FLASH
2014-01-10	Adobe Flash Player remote code execution attempt RuleID : 28660 - Revision : 5 - Type : FILE-FLASH
2014-01-10	attempted download of a PDF with embedded Flash over pop3 RuleID : 19280 - Revision : 4 - Type : FILE-PDF
2014-01-10	attempted download of a PDF with embedded Flash over pop3 RuleID : 19279 - Revision : 4 - Type : FILE-PDF
2014-01-10	attempted download of a PDF with embedded Flash over pop3 RuleID : 19278 - Revision : 4 - Type : FILE-PDF
2014-01-10	attempted download of a PDF with embedded Flash over pop3 RuleID : 19277 - Revision : 4 - Type : FILE-PDF
2014-01-10	attempted download of a PDF with embedded Flash over pop3 RuleID : 19276 - Revision : 4 - Type : FILE-PDF
2014-01-10	attempted download of a PDF with embedded Flash over pop3 RuleID : 19275 - Revision : 4 - Type : FILE-PDF
2014-01-10	attempted download of a PDF with embedded Flash over smtp RuleID : 19274 - Revision : 4 - Type : FILE-PDF
2014-01-10	attempted download of a PDF with embedded Flash over smtp RuleID : 19273 - Revision : 4 - Type : FILE-PDF
2014-01-10	attempted download of a PDF with embedded Flash over smtp RuleID : 19272 - Revision : 4 - Type : FILE-PDF
2014-01-10	attempted download of a PDF with embedded Flash over smtp RuleID : 19271 - Revision : 4 - Type : FILE-PDF
2014-01-10	attempted download of a PDF with embedded Flash over smtp RuleID : 19270 - Revision : 4 - Type : FILE-PDF
2014-01-10	attempted download of a PDF with embedded Flash RuleID : 19269 - Revision : 14 - Type : FILE-PDF
2014-01-10	attempted download of a PDF with embedded Flash RuleID : 19268 - Revision : 14 - Type : FILE-PDF
2014-01-10	Adobe Flash Player ActionScript intrf_count integer overflow attempt RuleID : 15993 - Revision : 16 - Type : FILE-FLASH
2014-01-10	Possible Adobe Flash Player ActionScript byte_array heap spray attempt RuleID : 15729 - Revision : 14 - Type : FILE-FLASH
2014-01-10	Possible Adobe Acrobat Reader ActionScript byte_array heap spray attempt RuleID : 15728 - Revision : 15 - Type : FILE-PDF
2014-01-10	attempted download of a PDF with embedded Flash RuleID : 15727 - Revision : 27 - Type : FILE-PDF

Nessus® Vulnerability Scanner

Date	Description
2013-01-24	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2009-1188.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2009-1189.nasl - Type : ACT_GATHER_INFO
2011-01-27	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_flash-player-6386.nasl - Type : ACT_GATHER_INFO
2009-10-06	Name : The remote openSUSE host is missing a security update. File : suse_flash-player-6387.nasl - Type : ACT_GATHER_INFO
2009-09-24	Name : The remote SuSE 11 host is missing a security update. File : suse_11_flash-player-090731.nasl - Type : ACT_GATHER_INFO
2009-09-11	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_1.nasl - Type : ACT_GATHER_INFO
2009-09-11	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-005.nasl - Type : ACT_GATHER_INFO
2009-08-28	Name : The version of Adobe Acrobat on the remote Windows host is affected by a memo... File : adobe_acrobat_913.nasl - Type : ACT_GATHER_INFO
2009-08-10	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200908-04.nasl - Type : ACT_GATHER_INFO
2009-08-05	Name : The PDF file viewer on the remote Windows host is affected by a memory corrup... File : adobe_reader_913.nasl - Type : ACT_GATHER_INFO
2009-08-05	Name : The remote openSUSE host is missing a security update. File : suse_11_0_flash-player-090731.nasl - Type : ACT_GATHER_INFO
2009-08-05	Name : The remote openSUSE host is missing a security update. File : suse_11_1_flash-player-090731.nasl - Type : ACT_GATHER_INFO
2009-07-31	Name : The remote Windows host contains a version of Adobe AIR that is affected by m... File : adobe_air_apsb09-10.nasl - Type : ACT_GATHER_INFO
2009-07-30	Name : The remote Windows host contains a browser plugin that is affected by multipl... File : flash_player_apsb09_10.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:36:38	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	8
Oval ID(s)	17
CPE ID(s)	107
Saint Exploit(s)	1
osvdb(s)	9
Openvas Exploit(s)	9
Snort® Rule(s)	19
Nessus® Exploit(s)	14

	Related
9.3	CVE-2009-1869
9.3	CVE-2009-1868
9.3	CVE-2009-1866
9.3	CVE-2009-1865
9.3	CVE-2009-1864
9.3	CVE-2009-1863
9.3	CVE-2009-1862
4.9	CVE-2009-1870
4.3	CVE-2009-1867
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 9 more Alert(s)