← Back

CVE-2009-3951

nvd nist
Published: Dec 10, 2009Modified: Apr 23, 2026

JSON object

Loading...
7.1
Vector
AV:N/AC:M/Au:N/C:C/I:N/A:N
Exploitability: 8.6 / Impact: 6.9
Source: NVD

Description

Unspecified vulnerability in the Flash Player ActiveX control in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 on Windows allows remote attackers to obtain the names of local files via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4820.

Affected (47)

Adobe
2 products
Adobe Air
Flash Player
Configuration A
47 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Adobe
Adobe Air
Up to 1.5.2
Adobe Air
Version 1.0.1
Adobe Air
Version 1.0
Adobe Air
Version 1.1
Adobe Air
Version 1.5.1
Adobe
Flash Player
Up to 10.0.32.18
Flash Player
Version 10.0.0.584
Flash Player
Version 10.0.12.10
Flash Player
Version 10.0.12.36
Flash Player
Version 10.0.22.87
Flash Player
Version 7.0.1
Flash Player
Version 7.0.25
Flash Player
Version 7.0.63
Flash Player
Version 7.0.69.0
Flash Player
Version 7.0.70.0
Flash Player
Version 7.0
Flash Player
Version 7.1.1
Flash Player
Version 7.1
Flash Player
Version 7.2
Flash Player
Version 8.0.24.0
Flash Player
Version 8.0.34.0
Flash Player
Version 8.0.35.0
Flash Player
Version 8.0.39.0
Flash Player
Version 8.0
Flash Player
Version 8.0
Flash Player
Version 8.0
Flash Player
Version 8
Flash Player
Version 8
Flash Player
Version 9.0.112.0
Flash Player
Version 9.0.114.0
Flash Player
Version 9.0.115.0
Flash Player
Version 9.0.124.0
Flash Player
Version 9.0.155.0
Flash Player
Version 9.0.159.0
Flash Player
Version 9.0.16
Flash Player
Version 9.0.18d60
Flash Player
Version 9.0.20.0
Flash Player
Version 9.0.20
Flash Player
Version 9.0.28.0
Flash Player
Version 9.0.28
Flash Player
Version 9.0.31.0
Flash Player
Version 9.0.31
Flash Player
Version 9.0.45.0
Flash Player
Version 9.0.47.0
Flash Player
Version 9.0.48.0
Flash Player
Version 9.0
Flash Player
Version 9.125.0
Running on/withPlatform Versions
Microsoft
Windows
All versions

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (30)

Source: psirt@adobe.com
Source: psirt@adobe.com
Source: psirt@adobe.com
Source: psirt@adobe.com
Vendor Advisory
Source: psirt@adobe.com
Source: psirt@adobe.com
Source: psirt@adobe.com
Patch
Source: psirt@adobe.com
Source: psirt@adobe.com
PatchVendor Advisory
Source: psirt@adobe.com
Source: psirt@adobe.com
US Government Resource
Source: psirt@adobe.com
PatchVendor Advisory
Source: psirt@adobe.com
Source: psirt@adobe.com
Source: psirt@adobe.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.