CVE-2009-0520

Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a "buffer overflow issue."

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=773
http://rhn.redhat.com/errata/RHSA-2009-0334.html
http://isc.sans.org/diary.html?storyid=5929	Patch
http://www.vupen.com/english/advisories/2009/0513	Patch
https://bugzilla.redhat.com/show_bug.cgi?id=487142
http://rhn.redhat.com/errata/RHSA-2009-0332.html
http://www.adobe.com/support/security/bulletins/apsb09-01.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/33880	Patch
http://secunia.com/advisories/34012
http://securitytracker.com/id?1021750
http://secunia.com/advisories/34226
http://security.gentoo.org/glsa/glsa-200903-23.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-66-254909-1
http://www.vupen.com/english/advisories/2009/0743
http://secunia.com/advisories/34293
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://www.vupen.com/english/advisories/2009/1297
http://support.apple.com/kb/HT3549
http://secunia.com/advisories/35074
http://www.us-cert.gov/cas/techalerts/TA09-133A.html	US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/48887
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6593
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16057

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:adobe:flash_player:9.0.45.0:::::::*
	cpe:2.3:a:adobe:flash_player:9.0.31.0:::::::*
	cpe:2.3:a:adobe:flash_player:9.0.115.0:::::::*
	cpe:2.3:a:adobe:flash_player:9.0.114.0:::::::*
	cpe:2.3:a:adobe:flash_player:10.0.0.584:::::::*
	cpe:2.3:a:adobe:flash_player:10.0.12.10:::::::*
	cpe:2.3:a:adobe:flash_player:7.0.70.0:::::::*
	cpe:2.3:a:adobe:flash_player:7.1:::::::*
	cpe:2.3:a:adobe:flash_player:8.0.39.0:::::::*
	cpe:2.3:a:adobe:flash_player:8.0::basic:::::
	cpe:2.3:a:adobe:flash_player:9.0.20.0:::::::*
	cpe:2.3:a:adobe:flash_player:9.0.48.0:::::::*
	cpe:2.3:a:adobe:flash_player:8.0.24.0:::::::*
	cpe:2.3:a:adobe:flash_player_for_linux::::::::
	cpe:2.3:a:adobe:air:1.5:::::::*
	cpe:2.3:a:adobe:flash_player:9.0.124.0:::::::*
	cpe:2.3:a:adobe:flash_player:9.0.47.0:::::::*
	cpe:2.3:a:adobe:flash_player:7.0.63:::::::*
	cpe:2.3:a:adobe:flash_player:8.0.35.0:::::::*
	cpe:2.3:a:adobe:flash_player:9.0.112.0:::::::*
	cpe:2.3:a:adobe:flash_player:9.0.16:::::::*
	cpe:2.3:a:adobe:flash_player:9.0.28.0:::::::*
	cpe:2.3:a:adobe:flash_player:7.0.69.0:::::::*
	cpe:2.3:a:adobe:flash_player:9.0.28:::::::*
	cpe:2.3:a:adobe:flex:3.0:::::::*
	cpe:2.3:a:adobe:flash_player:cs3::pro:::::
	cpe:2.3:a:adobe:flash_player:7.0.25:::::::*
	cpe:2.3:a:adobe:flash_player:8.0:::::::*
	cpe:2.3:a:adobe:flash_player:cs4::pro:::::
	cpe:2.3:a:adobe:flash_player::::::::
	cpe:2.3:a:adobe:flash_player:8.0.34.0:::::::*
	cpe:2.3:a:adobe:flash_player:9.0.20:::::::*
	cpe:2.3:a:adobe:flash_player:7.0.63::linux:::::
	cpe:2.3:a:adobe:flash_player:7.1.1:::::::*
	cpe:2.3:a:adobe:flash_player:7.0:::::::*
	cpe:2.3:a:adobe:flash_player:7.2:::::::*
	cpe:2.3:a:adobe:flash_player:7.0.1:::::::*
	cpe:2.3:a:adobe:flash_player:8.0::pro:::::

Information

Published : 2009-02-26 08:17

Updated : 2017-09-28 18:33

NVD link : CVE-2009-0520

Mitre link : CVE-2009-0520

JSON object : View

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Products Affected

adobe

air
flash_player_for_linux
flash_player
flex

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=773", "name": "20090224 Adobe Flash Player Invalid Object Reference Vulnerability", "tags": [], "refsource": "IDEFENSE"}, {"url": "http://rhn.redhat.com/errata/RHSA-2009-0334.html", "name": "RHSA-2009:0334", "tags": [], "refsource": "REDHAT"}, {"url": "http://isc.sans.org/diary.html?storyid=5929", "name": "http://isc.sans.org/diary.html?storyid=5929", "tags": ["Patch"], "refsource": "MISC"}, {"url": "http://www.vupen.com/english/advisories/2009/0513", "name": "ADV-2009-0513", "tags": ["Patch"], "refsource": "VUPEN"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=487142", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=487142", "tags": [], "refsource": "CONFIRM"}, {"url": "http://rhn.redhat.com/errata/RHSA-2009-0332.html", "name": "RHSA-2009:0332", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.adobe.com/support/security/bulletins/apsb09-01.html", "name": "http://www.adobe.com/support/security/bulletins/apsb09-01.html", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/33880", "name": "33880", "tags": ["Patch"], "refsource": "BID"}, {"url": "http://secunia.com/advisories/34012", "name": "34012", "tags": [], "refsource": "SECUNIA"}, {"url": "http://securitytracker.com/id?1021750", "name": "1021750", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/34226", "name": "34226", "tags": [], "refsource": "SECUNIA"}, {"url": "http://security.gentoo.org/glsa/glsa-200903-23.xml", "name": "GLSA-200903-23", "tags": [], "refsource": "GENTOO"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-254909-1", "name": "254909", "tags": [], "refsource": "SUNALERT"}, {"url": "http://www.vupen.com/english/advisories/2009/0743", "name": "ADV-2009-0743", "tags": [], "refsource": "VUPEN"}, {"url": "http://secunia.com/advisories/34293", "name": "34293", "tags": [], "refsource": "SECUNIA"}, {"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html", "name": "APPLE-SA-2009-05-12", "tags": [], "refsource": "APPLE"}, {"url": "http://www.vupen.com/english/advisories/2009/1297", "name": "ADV-2009-1297", "tags": [], "refsource": "VUPEN"}, {"url": "http://support.apple.com/kb/HT3549", "name": "http://support.apple.com/kb/HT3549", "tags": [], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/35074", "name": "35074", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html", "name": "TA09-133A", "tags": ["US Government Resource"], "refsource": "CERT"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48887", "name": "flash-invalid-object-bo(48887)", "tags": [], "refsource": "XF"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6593", "name": "oval:org.mitre.oval:def:6593", "tags": [], "refsource": "OVAL"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16057", "name": "oval:org.mitre.oval:def:16057", "tags": [], "refsource": "OVAL"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a \"buffer overflow issue.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2009-0520", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2009-02-26T16:17Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0:*:basic:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player_for_linux:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "10.0.15.3"}, {"cpe23Uri": "cpe:2.3:a:adobe:air:1.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flex:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:cs3:*:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:cs4:*:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "10.0.12.36"}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.63:*:linux:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0:*:pro:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-09-29T01:33Z"}

9.3 /10