CVE-2009-3794 Information
Description
Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file.
Reference
http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00003.html http://osvdb.org/60885 http://secunia.com/advisories/37584 http://secunia.com/advisories/37902 http://secunia.com/advisories/38241 http://securitytracker.com/id?1023306 http://securitytracker.com/id?1023307 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021716.1-1 http://support.apple.com/kb/HT4004 http://www.adobe.com/support/security/bulletins/apsb09-19.html http://www.redhat.com/support/errata/RHSA-2009-1657.html http://www.redhat.com/support/errata/RHSA-2009-1658.html http://www.securityfocus.com/archive/1/508336/100/0/threaded http://www.securityfocus.com/bid/37199 http://www.us-cert.gov/cas/techalerts/TA09-343A.html http://www.vupen.com/english/advisories/2009/3456 http://www.vupen.com/english/advisories/2010/0173 http://zerodayinitiative.com/advisories/ZDI-09-092/ https://bugzilla.redhat.com/show_bug.cgi?id=543857 https://exchange.xforce.ibmcloud.com/vulnerabilities/54631 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A15948 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A7465 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A8686
Share on: