Adobe Flash Player URI Parsing Heap Buffer Overflow Vulnerability
Publish Date: 21 juillet 2015
Gravité: : Critique
Identifiant(s) CVE: : CVE-2009-1868
Date du conseil: 21 juillet 2015
Description
Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving URL parsing.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1003944
Trend Micro Deep Security DPI Rule Name: 1003944 - Adobe Flash Player URI Parsing Heap Buffer Overflow Vulnerability
Affected software and version:
- adobe air 1.0
- adobe air 1.01
- adobe air 1.1
- adobe air 1.5
- adobe air 1.5.1
- adobe flash_player 10.0.0.584
- adobe flash_player 10.0.12.10
- adobe flash_player 10.0.12.36
- adobe flash_player 10.0.22.87
- adobe flash_player 7.0
- adobe flash_player 7.0.1
- adobe flash_player 7.0.25
- adobe flash_player 7.0.63
- adobe flash_player 7.0.69.0
- adobe flash_player 7.0.70.0
- adobe flash_player 7.1
- adobe flash_player 7.1.1
- adobe flash_player 7.2
- adobe flash_player 8.0
- adobe flash_player 8.0.24.0
- adobe flash_player 8.0.34.0
- adobe flash_player 8.0.35.0
- adobe flash_player 8.0.39.0
- adobe flash_player 9.0.112.0
- adobe flash_player 9.0.114.0
- adobe flash_player 9.0.115.0
- adobe flash_player 9.0.124.0
- adobe flash_player 9.0.16
- adobe flash_player 9.0.20
- adobe flash_player 9.0.20.0
- adobe flash_player 9.0.28
- adobe flash_player 9.0.28.0
- adobe flash_player 9.0.31.0
- adobe flash_player 9.0.45.0
- adobe flash_player 9.0.47.0
- adobe flash_player 9.0.48.0
- adobe flex 3.0