CVE-2009-3794

Опубликовано: 08 дек. 2009

Источник: redhat

CVSS2: 6.8

EPSS Средний

Описание

Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file.

Ссылки на источники

Дополнительная информация

Статус:

Critical

https://bugzilla.redhat.com/show_bug.cgi?id=543857flash-plugin: multiple code execution flaws (APSB09-19) (CVE-2009-3794, CVE-2009-3796, CVE-2009-3797, CVE-2009-3798, CVE-2009-3799, CVE-2009-3800)

EPSS

Процентиль: 95%

0.21245

Средний

6.8 Medium

CVSS2

Связанные уязвимости

CVE-2009-3794

ubuntu

около 16 лет назад

Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file.

CVE-2009-3794

nvd

около 16 лет назад

Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file.

GHSA-rxh4-4wmm-564x

github

больше 3 лет назад

Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file.

EPSS

Процентиль: 95%

0.21245

Средний

6.8 Medium

CVSS2