Release DateSep 15, 2009 |
Severitycritical |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems.Denial of Service: Remote attackers can crash vulnerable systems. |
DescriptionThis indicates an attack attempt against a integer overflow vulnerability in Adobe Flash Player.The vulnerability is caused by an error when the vulnerable software handles a specially crafted SWF file. It allows a remote attacker to execute arbitrary code. |
Affected ProductsAdobe Flash Player version 9.0.159.0 and previous versionsAdobe Flash Player version 10.0.22.87 and previous versions Adobe AIR version 1.5.1 and previous versions |
Recommended ActionsUpgrade to the Adobe Flash Player latest versions:http://www.adobe.com/go/getflashplayer Upgrade to the Adobe AIR latest versions: http://get.adobe.com/air |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2009-1869 |
Reference/shttp://www.securityfocus.com/bid/35907 (BugTraq)http://www.frsirt.com/english/advisories/2009/2086 (FrSIRT) |
