CVE-2009-0519

CWE-20Improper Input Validation5 documents5 sources
Severity
9.3CRITICAL
EPSS
29.1%
top 3.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Adobe Flash PlayerAdobe Flash Player FOR LinuxAdobe AIR+1 more
Timeline
PublishedFeb 26
Latest updateMay 2

Description

Unspecified vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a crafted Shockwave Flash (aka .swf) file.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

NVDadobe/flash_player10.0.12.36+31
NVDadobe/air1.5
NVDadobe/flex3.0

Patches

Patch: www.adobe.comPatch: www.securityfocus.comPatch: www.adobe.com

🔴Vulnerability Details

2
GHSA
GHSA-x3v4-9m46-pvqg: Unspecified vulnerability in Adobe Flash Player 92022-05-02
CVEList
CVE-2009-0519: Unspecified vulnerability in Adobe Flash Player 92009-02-26

📋Vendor Advisories

1
Red Hat
flash-plugin: Input validation flaw (DoS)2009-02-24

💬Community

1
Bugzilla
CVE-2009-0519 flash-plugin: Input validation flaw (DoS)2009-02-24
CVE-2009-0519 (CRITICAL CVSS 9.3) | Unspecified vulnerability in Adobe | cvebase.io