Home > Vulnerability Database > CVE-2009-1862

Mend.io Vulnerability Database

CVE-2009-1862

Date: July 23, 2009

Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009.

Severity Score

7.8

Related Resources (23)

Url: http://www.adobe.com/support/security/bulletins/apsb09-10.html

Url: http://secunia.com/advisories/36701

Url: http://news.cnet.com/8301-27080_3-10293389-245.html

Url: http://www.kb.cert.org/vuls/id/259425

Url: http://isc.sans.org/diary.html?storyid=6847

Url: http://www.adobe.com/support/security/bulletins/apsb09-13.html

Url: https://nvd.nist.gov/vuln/detail/CVE-2009-1862

Url: http://security.gentoo.org/glsa/glsa-200908-04.xml

Url: http://blogs.adobe.com/psirt/2009/07/potential_adobe_reader_and_fla.html

Url: http://secunia.com/advisories/36374

Url: http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1

Url: http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-072209-2512-99

Url: http://support.apple.com/kb/HT3864

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2009-1862

Url: http://lists.apple.com/archives/security-announce/2009/Sep/msg00003.html

Url: http://support.apple.com/kb/HT3865

Url: http://secunia.com/advisories/36193

Url: http://www.symantec.com/connect/blogs/next-generation-flash-vulnerability

Url: http://bugs.adobe.com/jira/browse/FP-1265

Url: http://www.adobe.com/support/security/advisories/apsa09-03.html

Url: http://www.securityfocus.com/bid/35759

Url: https://www.mend.io/vulnerability-database/CVE-2009-1862

Severity Score

7.8

Weakness Type (CWE)

Code Injection

CWE-94

CVSS v3.1

Base Score:	7.8
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	9.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2009-1862

Date: July 23, 2009

Severity Score

Related Resources (23)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?