Detections
Analytics
CVE-2009-0520
high
Description
Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a "buffer overflow issue."
References
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6593
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16057
https://exchange.xforce.ibmcloud.com/vulnerabilities/48887
https://bugzilla.redhat.com/show_bug.cgi?id=487142
http://www.vupen.com/english/advisories/2009/1297
http://www.vupen.com/english/advisories/2009/0743
http://www.vupen.com/english/advisories/2009/0513
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
http://www.securityfocus.com/bid/33880
http://www.adobe.com/support/security/bulletins/apsb09-01.html
http://support.apple.com/kb/HT3549
http://sunsolve.sun.com/search/document.do?assetkey=1-66-254909-1
http://securitytracker.com/id?1021750
http://security.gentoo.org/glsa/glsa-200903-23.xml
http://secunia.com/advisories/35074
http://secunia.com/advisories/34293
http://secunia.com/advisories/34226
http://secunia.com/advisories/34012
http://rhn.redhat.com/errata/RHSA-2009-0334.html
http://rhn.redhat.com/errata/RHSA-2009-0332.html
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=773