CVE-2009-0519

Published: Feb 26, 2009Modified: Apr 23, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Unspecified vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a crafted Shockwave Flash (aka .swf) file.

Affected (38)

Products: Adobe: Air, Flash Player, Flash Player For Linux, Flex

4 products

Flash Player For Linux

Configuration A

38 vulnerable

Vulnerable Software	Affected Versions
Adobe Air	Version 1.5
Adobe Flash Player	Up to 10.0.12.36
Adobe Flash Player	Version 10.0.0.584
Adobe Flash Player	Version 10.0.12.10
Adobe Flash Player	Version 7.0.1
Adobe Flash Player	Version 7.0.25
Adobe Flash Player	Version 7.0.63
Adobe Flash Player	Version 7.0.63
Adobe Flash Player	Version 7.0.69.0
Adobe Flash Player	Version 7.0.70.0
Adobe Flash Player	Version 7.0
Adobe Flash Player	Version 7.1.1
Adobe Flash Player	Version 7.1
Adobe Flash Player	Version 7.2
Adobe Flash Player	Version 8.0.24.0
Adobe Flash Player	Version 8.0.34.0
Adobe Flash Player	Version 8.0.35.0
Adobe Flash Player	Version 8.0.39.0
Adobe Flash Player	Version 8.0
Adobe Flash Player	Version 8.0
Adobe Flash Player	Version 8.0
Adobe Flash Player	Version 9.0.112.0
Adobe Flash Player	Version 9.0.114.0
Adobe Flash Player	Version 9.0.115.0
Adobe Flash Player	Version 9.0.124.0
Adobe Flash Player	Version 9.0.16
Adobe Flash Player	Version 9.0.20.0
Adobe Flash Player	Version 9.0.20
Adobe Flash Player	Version 9.0.28.0
Adobe Flash Player	Version 9.0.28
Adobe Flash Player	Version 9.0.31.0
Adobe Flash Player	Version 9.0.45.0
Adobe Flash Player	Version 9.0.47.0
Adobe Flash Player	Version 9.0.48.0
Adobe Flash Player	Version cs3
Adobe Flash Player	Version cs4
Adobe Flash Player For Linux	Up to 10.0.15.3
Adobe Flex	Version 3.0

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (42)

http://isc.sans.org/diary.html?storyid=5929

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

Source: cve@mitre.org

http://rhn.redhat.com/errata/RHSA-2009-0332.html

Source: cve@mitre.org

http://rhn.redhat.com/errata/RHSA-2009-0334.html

Source: cve@mitre.org

http://secunia.com/advisories/34012

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/34226

Source: cve@mitre.org

http://secunia.com/advisories/34293

Source: cve@mitre.org

http://secunia.com/advisories/35074

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200903-23.xml

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-66-254909-1

Source: cve@mitre.org

http://support.apple.com/kb/HT3549

Source: cve@mitre.org

http://www.adobe.com/support/security/bulletins/apsb09-01.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.securityfocus.com/bid/33890

Source: cve@mitre.org

Patch

http://www.us-cert.gov/cas/techalerts/TA09-133A.html

Source: cve@mitre.org

US Government Resource

http://www.vupen.com/english/advisories/2009/0513

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2009/0743

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/1297

Source: cve@mitre.org

https://bugzilla.redhat.com/show_bug.cgi?id=487141

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/48900

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15837

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6470

Source: cve@mitre.org

http://isc.sans.org/diary.html?storyid=5929

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2009-0332.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2009-0334.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/34012

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/34226

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/34293

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35074

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-200903-23.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://sunsolve.sun.com/search/document.do?assetkey=1-66-254909-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT3549

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.adobe.com/support/security/bulletins/apsb09-01.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.securityfocus.com/bid/33890

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.us-cert.gov/cas/techalerts/TA09-133A.html

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.vupen.com/english/advisories/2009/0513

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.vupen.com/english/advisories/2009/0743

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2009/1297

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=487141

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/48900

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15837

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6470

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.