9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.41 Medium
EPSS
Percentile
97.3%
The remote Windows host contains a version of Adobe Flash Player that is earlier than 10.0.22.87 / 9.0.159.0. Such versions are reportedly affected by multiple vulnerabilities :
A buffer overflow issue that could allow an attacker to execute arbitrary code with the privileges of the user running the application. (CVE-2009-0520)
An input validation vulnerability that leads to a denial of service attack and could possibly allow for an attacker to execute arbitrary code. (CVE-2009-0519)
A vulnerability in the Flash Player settings manager that could contribute to a clickjacking attack. (CVE-2009-0014)
A vulnerability with the mouse pointer display that could contribute to a clickjacking attack. (CVE-2009-0522)
Binary data 4937.prm
Vendor | Product | Version | CPE |
---|---|---|---|
adobe | flash_player | cpe:/a:adobe:flash_player |