Heap-based Buffer Overflow in Adobe Flash Player and AIR
CVE-2009-1868

Currently unrated

Key Information:

Vendor: Adobe
Status: Air; Flash Player; Flex
Vendor: CVE Published:; 31 July 2009

Summary

A heap-based buffer overflow vulnerability exists in Adobe Flash Player and Adobe AIR, allowing attackers to exploit the flaw through specific URL parsing methods. Successful exploitation can lead to application crashes, known as denial of service, and may even enable execution of arbitrary code on the affected system. Users are urged to update their software to mitigage potential risks.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-66-...

vendor-advisoryx_refsource_SUNALERT

https://exchange.xforce.ibmcloud.com/vulnerabilities/52185

vdb-entryx_refsource_XF

http://lists.apple.com/archives/security-announce/2009/Se...

vendor-advisoryx_refsource_APPLE

EPSS Score

26% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 31, 2009
Vulnerability Reserved
Jun 1, 2009