Summary
This host has Adobe Flash Player/AIR installed and is prone to multiple Denial of Service vulnerabilities.
Impact
Successful exploitation will allow remote attackers to execute arbitrary code, gain elevated privileges, gain knowledge of certain information and conduct clickjacking attacks.
Impact Level: System/Application
Solution
Update to Adobe AIR 1.5.2 or Adobe Flash Player 9.0.246.0 or 10.0.32.18.
http://get.adobe.com/air
http://www.adobe.com/support/flashplayer/downloads.html
Insight
Multiple vulnerabilities that can be exploited to cause memory corruption, null pointer, privilege escalation, heap-based buffer overflow, local sandbox bypass, and input validation errors when processing specially crafted web pages.
Affected
Adobe AIR versions prior to 1.5.2
Adobe Flash Player 9 versions prior to 9.0.246.0
Adobe Flash Player 10 versions prior to 10.0.32.18 on Windows
Severity
Classification
CVE: CVE-2009-1863, CVE-2009-1864, CVE-2009-1865, CVE-2009-1866, CVE-2009-1867, CVE-2009-1868, CVE-2009-1869, CVE-2009-1870
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- 7-Zip Unspecified Archive Handling Vulnerability (Linux)
- ActFax Server Multiple Remote Buffer Overflow Vulnerabilities
- Avast! Zoo Denial of Service Vulnerability
- Adobe Reader PDF Handling Denial Of Service Vulnerability (Linux)
- 7T Interactive Graphical SCADA System 'dc.exe' Command Injection Vulnerability