Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2009-1868

Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving URL parsing.

Related bugs and status

CVE-2009-1868 (Candidate) is related to these bugs:

Bug #408203: APSB09-10 update to Adobe Reader 9.1.3

Summary				In	Importance	Status
	408203	APSB09-10 update to Adobe Reader 9.1.3		Ubuntu Japanese Kaizen Project	High	Fix Released

Bug #410152: [karmic] Flash Player not updated to 10.0.32.18

Summary				In	Importance	Status
	410152	[karmic] Flash Player not updated to 10.0.32.18		adobe-flashplugin (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.adobe.com/s...
BID: 35890
VUPEN: ADV-2009-2086
BID: 35902
SECTRACK: 1022629
OSVDB: 56776
GENTOO: GLSA-200908-04
SECUNIA: 36193
CONFIRM: http://www.adobe.com/s...
SECUNIA: 36374
SUNALERT: 266108
CONFIRM: http://support.apple.c...
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2009-09-10-1
APPLE: APPLE-SA-2009-09-10-2
SECUNIA: 36701
XF: flash-air-unspecified-...
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:de...