Vulnerability Details : CVE-2009-0519
Unspecified vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a crafted Shockwave Flash (aka .swf) file.
Vulnerability category: Input validationExecute codeDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2009-0519
Probability of exploitation activity in the next 30 days: 26.86%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 96 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2009-0519
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2009-0519
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-0519
- http://rhn.redhat.com/errata/RHSA-2009-0332.html
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15837
-
http://www.vupen.com/english/advisories/2009/1297
Webmail: access your OVH emails on ovhcloud.com | OVHcloud
- http://rhn.redhat.com/errata/RHSA-2009-0334.html
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/48900
-
http://www.adobe.com/support/security/bulletins/apsb09-01.html
Patch;Vendor Advisory
- http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
- http://security.gentoo.org/glsa/glsa-200903-23.xml
-
http://www.securityfocus.com/bid/33890
Patch
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6470
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-254909-1
-
https://bugzilla.redhat.com/show_bug.cgi?id=487141
-
http://www.vupen.com/english/advisories/2009/0513
Vendor Advisory
-
http://support.apple.com/kb/HT3549
About the security content of Security Update 2009-002 / Mac OS X v10.5.7 - Apple Support
- http://isc.sans.org/diary.html?storyid=5929
-
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
Apple Updates for Multiple Vulnerabilities | CISAUS Government Resource
- http://www.vupen.com/english/advisories/2009/0743
Products affected by CVE-2009-0519
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0:*:basic:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0:*:pro:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.63:*:linux:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:cs3:*:pro:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:cs4:*:pro:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:air:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flex:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player_for_linux:*:*:*:*:*:*:*:*