Stack-based Buffer Overflow in Adobe Flash Player and AIR
CVE-2009-1866

Currently unrated

Key Information:

Vendor: Adobe
Status: Air; Flash Player; Flex
Vendor: CVE Published:; 31 July 2009

Summary

A stack-based buffer overflow vulnerability exists in Adobe Flash Player and Adobe AIR. This flaw can be exploited by attackers to trigger a denial of service, potentially causing the application to crash. Furthermore, there is the risk of executing arbitrary code via unspecified vectors, putting user systems at risk. Users of affected versions are strongly advised to update to secure releases to mitigate this vulnerability, as failure to do so could expose them to significant security threats.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://sunsolve.sun.com/search/document.do?assetkey=1-66-...

vendor-advisoryx_refsource_SUNALERT

http://lists.apple.com/archives/security-announce/2009/Se...

vendor-advisoryx_refsource_APPLE

Timeline

Vulnerability published
Jul 31, 2009
Vulnerability Reserved
Jun 1, 2009