CVE-2009-3793 — Adobe AIR vulnerability

CWE-3995 documents5 sources

Severity

9.3CRITICALNVD

EPSS

2.7%

top 14.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe AIR Adobe Flash Player Macromedia Flash Player

Timeline

PublishedJun 15

Latest updateMay 2

Description

Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory consumption) or possibly execute arbitrary code via unknown vectors.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

▶NVDadobe/flash_player10.0.45.2+54

▶NVDadobe/air1.5.3.9130+6

▶NVDmacromedia/flash_player5 versions+4

Patches

Patch: www.adobe.com ↗Patch: www.adobe.com ↗

🔴Vulnerability Details

GHSA

GHSA-rffw-455m-rfhp: Unspecified vulnerability in Adobe Flash Player before 9↗2022-05-02

▶

CVEList

CVE-2009-3793: Unspecified vulnerability in Adobe Flash Player before 9↗2010-06-15

▶

📋Vendor Advisories

Red Hat

flash-plugin: multiple security flaws (APSB10-14)↗2010-06-10

▶

💬Community

Bugzilla

flash-plugin: multiple security flaws (APSB10-14)↗2010-06-10

▶