J-Security Center

Title: RETIRED: Adobe Flash Player APSB09-19 Multiple Remote Vulnerabilities

Severity: HIGH

Description:

Adobe Flash Player is a multimedia application for Microsoft Windows, Mozilla, and Apple technologies. Adobe AIR is a cross-platform runtime for developing internet applications on the desktop.

Flash Player is prone to multiple remote code-execution vulnerabilities, multiple denial-of-service vulnerabilities, and an information-disclosure vulnerability:

1. A vulnerability in the parsing of JPEG data could allow attackers to execute code. Specifically, the software fails to properly check the frame size, resulting in a heap-based buffer overflow. (CVE-2009-3794)

2. A data-injection vulnerability could allow attackers to execute code. (CVE-2009-3796)

3. An unspecified memory-corruption vulnerability could allow attackers to execute code. (CVE-2009-3797)

4. Another unspecified memory-corruption vulnerability could allow attackers to execute code. (CVE-2009-3798)

5. An integer-overflow vulnerability occurs when handling a large value in the 'exception_count' parameter of 'Verifier::parseExceptionHandlers()'. Attackers can exploit this issue to execute arbitrary code. (CVE-2009-3799)

6. Multiple vulnerabilities may trigger a denial-of-service condition, but may also be leveraged to execute arbitrary code. (CVE-2009-3800)

7. An information-disclosure issue may allow remote attackers to obtain access to files stored on a user's computer. This issue is identified by CVE-2009-3951 and is related to CVE-2008-4820, which was reported in BID 32129 (Adobe Flash Player Multiple Security Vulnerabilities).

The following products are affected:

Adobe Flash Player 10.0.32.18 and prior
Adobe AIR 1.5.2 and prior

This BID is being retired. The following individual records exist to better document these issues:

37275 Adobe Flash Player and AIR (CVE-2009-3798) Unspecified Memory Corruption Vulnerability
37273 Adobe Flash Player and AIR (CVE-2009-3797) Unspecified Memory Corruption Vulnerability
37272 Adobe Flash Player ActiveX Control Information Disclosure Vulnerability
37269 Adobe Flash Player and AIR Multiple Unspecified Remote Code Execution Vulnerabilities
37270 Adobe Flash Player and AIR Data Injection Remote Code Execution Vulnerability
37267 Adobe Flash Player and AIR 'exception_count' Integer Overflow Vulnerability
37266 Adobe Flash Player and AIR JPEG File Parsing Heap Buffer Overflow Vulnerability

Affected Products:

  • Adobe AIR 1.0
  • Adobe AIR 1.01
  • Adobe AIR 1.1
  • Adobe AIR 1.5
  • Adobe AIR 1.5.1
  • Adobe AIR 1.5.2
  • Adobe Flash Player 10
  • Adobe Flash Player 10.0.12.35
  • Adobe Flash Player 10.0.12.36
  • Adobe Flash Player 10.0.15.3
  • Adobe Flash Player 10.0.22.87
  • Adobe Flash Player 10.0.32.18
  • RedHat Desktop Extras 3
  • RedHat Desktop Extras 4
  • RedHat Enterprise Linux AS Extras 3
  • RedHat Enterprise Linux AS Extras 4
  • RedHat Enterprise Linux Desktop Supplementary 5 client
  • RedHat Enterprise Linux ES Extras 3
  • RedHat Enterprise Linux ES Extras 4
  • RedHat Enterprise Linux Supplementary 5 server
  • RedHat Enterprise Linux WS Extras 3
  • RedHat Enterprise Linux WS Extras 4

References:

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.