Adobe Flash Player Invalid Object Reference Remote Code Execution Vulnerability
2015年7月21日
危険度: : 緊急
CVE識別番号: CVE-2009-0520
概要
Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a "buffer overflow issue."
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1003331
Trend Micro Deep Security DPI Rule Name: 1003331 - Adobe Flash Player Invalid Object Reference Remote Code Execution
影響を受けるソフトウェア
- Adobe Air 1.5
- Adobe Flash Player 10.0.0.584
- Adobe Flash Player 10.0.12.10
- Adobe Flash Player 10.0.12.36
- Adobe Flash Player 7.0
- Adobe Flash Player 7.0.1
- Adobe Flash Player 7.0.25
- Adobe Flash Player 7.0.63
- Adobe Flash Player 7.0.69.0
- Adobe Flash Player 7.0.70.0
- Adobe Flash Player 7.1
- Adobe Flash Player 7.1.1
- Adobe Flash Player 7.2
- Adobe Flash Player 8.0
- Adobe Flash Player 8.0.24.0
- Adobe Flash Player 8.0.34.0
- Adobe Flash Player 8.0.35.0
- Adobe Flash Player 8.0.39.0
- Adobe Flash Player 9.0.112.0
- Adobe Flash Player 9.0.114.0
- Adobe Flash Player 9.0.115.0
- Adobe Flash Player 9.0.124.0
- Adobe Flash Player 9.0.16
- Adobe Flash Player 9.0.20
- Adobe Flash Player 9.0.20.0
- Adobe Flash Player 9.0.28
- Adobe Flash Player 9.0.28.0
- Adobe Flash Player 9.0.31.0
- Adobe Flash Player 9.0.45.0
- Adobe Flash Player 9.0.47.0
- Adobe Flash Player 9.0.48.0
- Adobe Flash Player CS3
- Adobe Flash Player CS4
- Adobe Flash Player For Linux 10.0.15.3
- Adobe Flex 3.0