Adobe Flash Player Invalid Object Reference Remote Code Execution Vulnerability
Gravedad: Crítico
Identificadores de CVE : CVE-2009-0520
Fecha recomendada: 21 de julio de 2015
Descripción
Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a "buffer overflow issue."
Revelación de la información
Apply associated Trend Micro DPI Rules.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1003331
Trend Micro Deep Security DPI Rule Name: 1003331 - Adobe Flash Player Invalid Object Reference Remote Code Execution
Software y versión afectados
- Adobe Air 1.5
- Adobe Flash Player 10.0.0.584
- Adobe Flash Player 10.0.12.10
- Adobe Flash Player 10.0.12.36
- Adobe Flash Player 7.0
- Adobe Flash Player 7.0.1
- Adobe Flash Player 7.0.25
- Adobe Flash Player 7.0.63
- Adobe Flash Player 7.0.69.0
- Adobe Flash Player 7.0.70.0
- Adobe Flash Player 7.1
- Adobe Flash Player 7.1.1
- Adobe Flash Player 7.2
- Adobe Flash Player 8.0
- Adobe Flash Player 8.0.24.0
- Adobe Flash Player 8.0.34.0
- Adobe Flash Player 8.0.35.0
- Adobe Flash Player 8.0.39.0
- Adobe Flash Player 9.0.112.0
- Adobe Flash Player 9.0.114.0
- Adobe Flash Player 9.0.115.0
- Adobe Flash Player 9.0.124.0
- Adobe Flash Player 9.0.16
- Adobe Flash Player 9.0.20
- Adobe Flash Player 9.0.20.0
- Adobe Flash Player 9.0.28
- Adobe Flash Player 9.0.28.0
- Adobe Flash Player 9.0.31.0
- Adobe Flash Player 9.0.45.0
- Adobe Flash Player 9.0.47.0
- Adobe Flash Player 9.0.48.0
- Adobe Flash Player CS3
- Adobe Flash Player CS4
- Adobe Flash Player For Linux 10.0.15.3
- Adobe Flex 3.0