Vulnerability Details : CVE-2009-0521
Untrusted search path vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Linux allows local users to obtain sensitive information or gain privileges via a crafted library in a directory contained in the RPATH.
Vulnerability category: Information leak
Products affected by CVE-2009-0521
- cpe:2.3:a:adobe:flash_player_for_linux:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player_for_linux:10.0.12.36:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-0521
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-0521
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST |
CWE ids for CVE-2009-0521
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-0521
-
http://rhn.redhat.com/errata/RHSA-2009-0332.html
RHSA-2009:0332 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://secunia.com/advisories/34012
About Secunia Research | FlexeraBroken Link
-
https://bugzilla.redhat.com/show_bug.cgi?id=487144
487144 – (CVE-2009-0521) CVE-2009-0521 flash-plugin: Linux-specific information disclosure (privilege escalation)Issue Tracking;Third Party Advisory
-
http://www.adobe.com/support/security/bulletins/apsb09-01.html
Adobe Security Bulletins and AdvisoriesPatch;Vendor Advisory
-
http://security.gentoo.org/glsa/glsa-200903-23.xml
Adobe Flash Player: Multiple vulnerabilities (GLSA 200903-23) — Gentoo securityThird Party Advisory
-
http://secunia.com/advisories/34226
About Secunia Research | FlexeraBroken Link
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6160
404 Not FoundThird Party Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/48904
Adobe Flash Player unspecified information disclosure CVE-2009-0521 Vulnerability ReportThird Party Advisory;VDB Entry
-
http://www.vupen.com/english/advisories/2009/0513
Webmail: access your OVH emails on ovhcloud.com | OVHcloud UKBroken Link;Patch;Vendor Advisory
-
http://isc.sans.org/diary.html?storyid=5929
SANS.edu Internet Storm Center - SANS Internet Storm CenterThird Party Advisory
Jump to