CVE-2009-0519 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:C/I:C/A:C
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 94%

Vendor	Product	Version
adobe	air	1.5
adobe	flash_player	𝑥 ≤ 10.0.12.36
adobe	flash_player	7.0
adobe	flash_player	7.0.1
adobe	flash_player	7.0.25
adobe	flash_player	7.0.63
adobe	flash_player	7.0.63
adobe	flash_player	7.0.69.0
adobe	flash_player	7.0.70.0
adobe	flash_player	7.1
adobe	flash_player	7.1.1
adobe	flash_player	7.2
adobe	flash_player	8.0
adobe	flash_player	8.0
adobe	flash_player	8.0
adobe	flash_player	8.0.24.0
adobe	flash_player	8.0.34.0
adobe	flash_player	8.0.35.0
adobe	flash_player	8.0.39.0
adobe	flash_player	9.0.16
adobe	flash_player	9.0.20
adobe	flash_player	9.0.20.0
adobe	flash_player	9.0.28
adobe	flash_player	9.0.28.0
adobe	flash_player	9.0.31.0
adobe	flash_player	9.0.45.0
adobe	flash_player	9.0.47.0
adobe	flash_player	9.0.48.0
adobe	flash_player	9.0.112.0
adobe	flash_player	9.0.114.0
adobe	flash_player	9.0.115.0
adobe	flash_player	9.0.124.0
adobe	flash_player	10.0.0.584
adobe	flash_player	10.0.12.10
adobe	flash_player_for_linux	𝑥 ≤ 10.0.15.3
adobe	flex	3.0

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

adobe-flashplugin

karmic	not-affected
jaunty	not-affected
intrepid	Fixed 10.0.22.87-2intrepid1 released
hardy	Fixed 10.0.22.87-2 released
gutsy	Fixed 10.0.22.87-0gutsy3 released
dapper	dne

flashplugin-nonfree

karmic	Fixed 10.0.22.87ubuntu1 released
jaunty	Fixed 10.0.22.87ubuntu1 released
intrepid	Fixed 10.0.22.87ubuntu1~intrepid1 released
hardy	Fixed 9.0.159.0ubuntu1~hardy1 released
gutsy	Fixed 9.0.159.0ubuntu1~gutsy1 released
dapper	ignored

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

http://isc.sans.org/diary.html?storyid=5929

http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

http://rhn.redhat.com/errata/RHSA-2009-0332.html

http://rhn.redhat.com/errata/RHSA-2009-0334.html

http://secunia.com/advisories/34012

http://secunia.com/advisories/34226

http://secunia.com/advisories/34293

http://secunia.com/advisories/35074

http://security.gentoo.org/glsa/glsa-200903-23.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-66-254909-1

http://support.apple.com/kb/HT3549

http://www.adobe.com/support/security/bulletins/apsb09-01.html

http://www.securityfocus.com/bid/33890

http://www.us-cert.gov/cas/techalerts/TA09-133A.html

http://www.vupen.com/english/advisories/2009/0513

http://www.vupen.com/english/advisories/2009/0743

http://www.vupen.com/english/advisories/2009/1297

https://bugzilla.redhat.com/show_bug.cgi?id=487141

https://exchange.xforce.ibmcloud.com/vulnerabilities/48900

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15837

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6470

http://isc.sans.org/diary.html?storyid=5929

http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

http://rhn.redhat.com/errata/RHSA-2009-0332.html

http://rhn.redhat.com/errata/RHSA-2009-0334.html

http://secunia.com/advisories/34012

http://secunia.com/advisories/34226

http://secunia.com/advisories/34293

http://secunia.com/advisories/35074

http://security.gentoo.org/glsa/glsa-200903-23.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-66-254909-1

http://support.apple.com/kb/HT3549

http://www.adobe.com/support/security/bulletins/apsb09-01.html

http://www.securityfocus.com/bid/33890

http://www.us-cert.gov/cas/techalerts/TA09-133A.html

http://www.vupen.com/english/advisories/2009/0513

http://www.vupen.com/english/advisories/2009/0743

http://www.vupen.com/english/advisories/2009/1297

https://bugzilla.redhat.com/show_bug.cgi?id=487141

https://exchange.xforce.ibmcloud.com/vulnerabilities/48900

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15837

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6470