Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2009-1870

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability."

Related bugs and status

CVE-2009-1870 (Candidate) is related to these bugs:

Bug #408203: APSB09-10 update to Adobe Reader 9.1.3

Summary				In	Importance	Status
	408203	APSB09-10 update to Adobe Reader 9.1.3		Ubuntu Japanese Kaizen Project	High	Fix Released

Bug #410152: [karmic] Flash Player not updated to 10.0.32.18

Summary				In	Importance	Status
	410152	[karmic] Flash Player not updated to 10.0.32.18		adobe-flashplugin (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.adobe.com/s...
BID: 35890
VUPEN: ADV-2009-2086
BID: 35908
SECTRACK: 1022629
OSVDB: 56778
GENTOO: GLSA-200908-04
SECUNIA: 36193
CONFIRM: http://www.adobe.com/s...
SECUNIA: 36374
SUNALERT: 266108
CONFIRM: http://support.apple.c...
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2009-09-10-1
APPLE: APPLE-SA-2009-09-10-2
SECUNIA: 36701
XF: flash-air-sandbox-info...
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:de...