Adobe Flash Player/Air Multiple DoS Vulnerabilities - Aug09 (Linux) Network Vulnerability

Summary

This host is installed with Adobe Flash Player/Air and is prone to multiple Denial of Service vulnerabilities.

Impact

Successful exploitation will allow remote attackers to execute arbitrary code, gain elevated privileges, gain knowledge of certain information and conduct clickjacking attacks. Impact Level: System/Application

Solution

Update to Adobe Air 1.5.2 or Adobe Flash Player 9.0.246.0 or 10.0.32.18 http://get.adobe.com/air http://www.adobe.com/support/flashplayer/downloads.html

Insight

Multiple vulnerabilities which can be to exploited to cause memory corruption, null pointer, privilege escalation, heap-based buffer overflow, local sandbox bypass, and input validation errors when processing specially crafted web pages.

Affected

Adobe AIR version prior to 1.5.2 Adobe Flash Player 9 version prior to 9.0.246.0 Adobe Flash Player 10 version prior to 10.0.32.18 on Linux.

References

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1863, CVE-2009-1864, CVE-2009-1865, CVE-2009-1866, CVE-2009-1867, CVE-2009-1868, CVE-2009-1869, CVE-2009-1870
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Take action and discover your vulnerabilities