AttackerKBAKB:D57D11B4-E87D-4E11-B3CF-38F89462B4C3CVE-2009-1862
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.559 Medium
EPSS
Percentile
97.7%
Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009.
Recent assessments:
Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 0
References
blogs.adobe.com/psirt/2009/07/potential_adobe_reader_and_fla.html
bugs.adobe.com/jira/browse/FP-1265
isc.sans.org/diary.html?storyid=6847
lists.apple.com/archives/security-announce/2009/Sep/msg00003.html
lists.apple.com/archives/security-announce/2009/Sep/msg00004.html
news.cnet.com/8301-27080_3-10293389-245.html
secunia.com/advisories/36193
secunia.com/advisories/36374
secunia.com/advisories/36701
security.gentoo.org/glsa/glsa-200908-04.xml
sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1
support.apple.com/kb/HT3864
support.apple.com/kb/HT3865
www.adobe.com/support/security/advisories/apsa09-03.html
www.adobe.com/support/security/bulletins/apsb09-10.html
www.adobe.com/support/security/bulletins/apsb09-13.html
www.kb.cert.org/vuls/id/259425
www.securityfocus.com/bid/35759
www.symantec.com/business/security_response/writeup.jsp?docid=2009-072209-2512-99
www.symantec.com/connect/blogs/next-generation-flash-vulnerability
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1862
Related
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.559 Medium
EPSS
Percentile
97.7%