CVE-2009-3797

Published Dec 10, 2009

Last updated 7 years ago

CVSS info 9.3

Overview

Description: Adobe Flash Player 10.x before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.
Source: psirt@adobe.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A0CABFD-DFD2-4FF1-AC2A-712D9831AE36",
            "versionEndIncluding": "1.5.2"
          },
          {
            "criteria": "cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "97F0F4B8-A8AE-4AF2-8991-36DF5478AC90"
          },
          {
            "criteria": "cpe:2.3:a:adobe:adobe_air:1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F180F403-7032-497F-955B-0CB1D5CA3A74"
          },
          {
            "criteria": "cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51905ABB-C598-415F-9B6C-26963129352A"
          },
          {
            "criteria": "cpe:2.3:a:adobe:adobe_air:1.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16E50A13-564F-4CE7-8335-B99B83AA0B86"
          },
          {
            "criteria": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08E4028B-72E7-4E4A-AD0F-645F5AACAA29"
          },
          {
            "criteria": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63313ADA-3C52-47C8-9745-6BF6AEF0F6AD"
          },
          {
            "criteria": "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA646396-7C10-45A0-89A9-C75C5D8AFB3E"
          },
          {
            "criteria": "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3555324F-40F8-4BF4-BE5F-52A1E22B3AFA"
          },
          {
            "criteria": "cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "60540FDE-8C31-4679-A85E-614B1EFE1FF0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References