Integer Overflow in Adobe Flash Player and AIR AVM2 Parser
CVE-2009-1869

Currently unrated

Key Information:

Vendor

Adobe
Status
Air
Flash Player
Flex
Vendor
CVE Published:
31 July 2009

What is CVE-2009-1869?

An integer overflow vulnerability exists in the ActionScript Virtual Machine 2 (AVM2) abcFile parser within Adobe Flash Player and Adobe AIR. This flaw can be exploited by attackers to cause a denial of service, leading to application crashes, or potentially execute arbitrary code by crafting a specific AVM2 file with a large intrf_count value. The resultant dereferencing of an out-of-bounds pointer poses significant security risks for affected versions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://sunsolve.sun.com/search/document.do?assetkey=1-66-...
vendor-advisoryx_refsource_SUNALERT
http://lists.apple.com/archives/security-announce/2009/Se...
vendor-advisoryx_refsource_APPLE
http://security.gentoo.org/glsa/glsa-200908-04.xml
vendor-advisoryx_refsource_GENTOO

EPSS Score

21% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.