Home > Vulnerability Database > CVE-2009-0520

Mend.io Vulnerability Database

CVE-2009-0520

Date: February 26, 2009

Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a "buffer overflow issue."

Severity Score

8.1

Related Resources (26)

Url: http://www.vupen.com/english/advisories/2009/1297

Url: https://nvd.nist.gov/vuln/detail/CVE-2009-0520

Url: https://bugzilla.redhat.com/show_bug.cgi?id=487142

Url: http://secunia.com/advisories/34012

Url: http://secunia.com/advisories/35074

Url: http://www.vupen.com/english/advisories/2009/0513

Url: http://isc.sans.org/diary.html?storyid=5929

Url: http://www.us-cert.gov/cas/techalerts/TA09-133A.html

Url: http://secunia.com/advisories/34226

Url: http://security.gentoo.org/glsa/glsa-200903-23.xml

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16057

Url: http://rhn.redhat.com/errata/RHSA-2009-0332.html

Url: http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/48887

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6593

Url: http://www.adobe.com/support/security/bulletins/apsb09-01.html

Url: http://securitytracker.com/id?1021750

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2009-0520

Url: http://www.securityfocus.com/bid/33880

Url: http://secunia.com/advisories/34293

Url: http://www.vupen.com/english/advisories/2009/0743

Url: http://support.apple.com/kb/HT3549

Url: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=773

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-66-254909-1

Url: http://rhn.redhat.com/errata/RHSA-2009-0334.html

Url: https://www.mend.io/vulnerability-database/CVE-2009-0520

Severity Score

8.1

Weakness Type (CWE)

Buffer Errors

CWE-119

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	9.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2009-0520

Date: February 26, 2009

Severity Score

Related Resources (26)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?