Back to search
CVE-2009-1869
Published: Jul 31, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a large intrf_count value that triggers a dereference of an out-of-bounds pointer.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
266108
vendor-advisory
x_refsource_SUNALERT
APPLE-SA-2009-09-10-1
vendor-advisory
x_refsource_APPLE
GLSA-200908-04
vendor-advisory
x_refsource_GENTOO
http://support.apple.com/kb/HT3864
x_refsource_CONFIRM
35907
vdb-entry
x_refsource_BID
http://www.adobe.com/support/security/bulletins/apsb09-13.html
x_refsource_CONFIRM
1022629
vdb-entry
x_refsource_SECTRACK
APPLE-SA-2009-09-10-2
vendor-advisory
x_refsource_APPLE
20090802 Advisory: Adobe Flash Player and AIR AVM2 intf_count Integer Overflow Remote Code Execution (CVE-2009-1869)
mailing-list
x_refsource_BUGTRAQ
flash-air-code-execution(52181)
vdb-entry
x_refsource_XF
ADV-2009-2086
vdb-entry
x_refsource_VUPEN
35890
vdb-entry
x_refsource_BID
http://www.adobe.com/support/security/bulletins/apsb09-10.html
x_refsource_CONFIRM
36374
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:6998
vdb-entry
signature
x_refsource_OVAL
http://support.apple.com/kb/HT3865
x_refsource_CONFIRM
36193
third-party-advisory
x_refsource_SECUNIA
56777
vdb-entry
x_refsource_OSVDB
36701
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:15994
vdb-entry
signature
x_refsource_OVAL
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now