Clickjacking Vulnerability in Adobe Flash Player Affecting Multiple Versions
CVE-2009-0114

Currently unrated

Key Information:

Vendor: Adobe
Status: Air; Flash Player; Flash Player For Linux; Flex
Vendor: CVE Published:; 26 February 2009

Summary

An unspecified vulnerability in the Settings Manager of Adobe Flash Player allows attackers to potentially exploit users by tricking them into visiting arbitrary URLs. This vulnerability relates to a variant of Clickjacking, which can lead to unauthorized actions on behalf of the user without their consent. Users of affected versions may face security threats where malicious sites can hide under legitimate interfaces, leading to sensitive data exposure or unwanted actions performed on their behalf.

References

http://isc.sans.org/diary.html?storyid=5929

x_refsource_MISC

http://support.apple.com/kb/HT3549

x_refsource_CONFIRM

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 26, 2009
Vulnerability Reserved
Jan 9, 2009