Local Sandbox Vulnerability in Adobe Flash Player and AIR
CVE-2009-1870

Currently unrated

Key Information:

Vendor: Adobe
Status: Air; Flash Player; Flex
Vendor: CVE Published:; 31 July 2009

Summary

This vulnerability in Adobe Flash Player and Adobe AIR exposes users to potential information disclosure by allowing attackers to save an SWF file to a hard drive, exploiting weaknesses related to the local sandbox. Users could inadvertently expose sensitive data through this flaw before timely updates were applied. Adobe has released updates to mitigate the risk associated with this vulnerability.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-66-...

vendor-advisoryx_refsource_SUNALERT

http://lists.apple.com/archives/security-announce/2009/Se...

vendor-advisoryx_refsource_APPLE

http://security.gentoo.org/glsa/glsa-200908-04.xml

vendor-advisoryx_refsource_GENTOO

Timeline

Vulnerability published
Jul 31, 2009
Vulnerability Reserved
Jun 1, 2009