Back to search
CVE-2009-3794
Published: Dec 10, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
oval:org.mitre.oval:def:8686
vdb-entry
signature
x_refsource_OVAL
RHSA-2009:1657
vendor-advisory
x_refsource_REDHAT
1023307
vdb-entry
x_refsource_SECTRACK
http://zerodayinitiative.com/advisories/ZDI-09-092/
x_refsource_MISC
flash-air-jpeg-code-execution(54631)
vdb-entry
x_refsource_XF
http://support.apple.com/kb/HT4004
x_refsource_CONFIRM
1021716
vendor-advisory
x_refsource_SUNALERT
60885
vdb-entry
x_refsource_OSVDB
APPLE-SA-2010-01-19-1
vendor-advisory
x_refsource_APPLE
ADV-2009-3456
vdb-entry
x_refsource_VUPEN
SUSE-SA:2009:062
vendor-advisory
x_refsource_SUSE
https://bugzilla.redhat.com/show_bug.cgi?id=543857
x_refsource_CONFIRM
37584
third-party-advisory
x_refsource_SECUNIA
37902
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:15948
vdb-entry
signature
x_refsource_OVAL
http://www.adobe.com/support/security/bulletins/apsb09-19.html
x_refsource_CONFIRM
1023306
vdb-entry
x_refsource_SECTRACK
RHSA-2009:1658
vendor-advisory
x_refsource_REDHAT
oval:org.mitre.oval:def:7465
vdb-entry
signature
x_refsource_OVAL
20091209 ZDI-09-092: Adobe Flash Player JPEG Parsing Heap Overflow Vulnerability
mailing-list
x_refsource_BUGTRAQ
TA09-343A
third-party-advisory
x_refsource_CERT
38241
third-party-advisory
x_refsource_SECUNIA
37199
vdb-entry
x_refsource_BID
ADV-2010-0173
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now