Heap-based buffer overflow in Adobe Flash Player and AIR products
CVE-2009-1864

Currently unrated

Key Information:

Vendor: Adobe
Status: Air; Flash Player; Flex
Vendor: CVE Published:; 31 July 2009

Summary

A heap-based buffer overflow vulnerability in Adobe Flash Player and Adobe AIR allows attackers to potentially cause application crashes or execute arbitrary code. The flaw exists in specific versions of Adobe Flash Player prior to 9.0.246.0 and 10.0.32.18, as well as Adobe AIR versions before 1.5.2. By exploiting this vulnerability through unspecified vectors, malicious actors can undermine system integrity.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-66-...

vendor-advisoryx_refsource_SUNALERT

http://lists.apple.com/archives/security-announce/2009/Se...

vendor-advisoryx_refsource_APPLE

http://security.gentoo.org/glsa/glsa-200908-04.xml

vendor-advisoryx_refsource_GENTOO

Timeline

Vulnerability published
Jul 31, 2009
Vulnerability Reserved
Jun 1, 2009