QwikSec

Security Database

CVE

CWE

Training

CVE-2009-3799

Published: Dec 10, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Integer overflow in the Verifier::parseExceptionHandlers function in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via an SWF file with a large exception_count value that triggers memory corruption, related to "generation of ActionScript exception handlers."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_SECTRACK

flash-air-unspecified-overflow(54635)

vdb-entry

x_refsource_XF

oval:org.mitre.oval:def:8208

vdb-entry

signature

x_refsource_OVAL

vdb-entry

x_refsource_OSVDB

http://support.apple.com/kb/HT4004

x_refsource_CONFIRM

vendor-advisory

x_refsource_SUNALERT

APPLE-SA-2010-01-19-1

vendor-advisory

x_refsource_APPLE

vdb-entry

x_refsource_VUPEN

SUSE-SA:2009:062

vendor-advisory

x_refsource_SUSE

https://bugzilla.redhat.com/show_bug.cgi?id=543857

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

http://zerodayinitiative.com/advisories/ZDI-09-093/

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:16315

vdb-entry

signature

x_refsource_OVAL

oval:org.mitre.oval:def:7191

vdb-entry

signature

x_refsource_OVAL

http://www.adobe.com/support/security/bulletins/apsb09-19.html

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_REDHAT

third-party-advisory

x_refsource_CERT

third-party-advisory

x_refsource_SECUNIA

20091209 ZDI-09-093: Adobe Flash Player ActionScript Exception Handler Integer Overflow Vulnerability

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.