VRDA Feed : Provides information for vulnerability impact analysis

VRDA Feed by

Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis

[ about VRDA Feed | JPCERT/CC ]

Vulnerability Analysis Result (Revision No : 1)

[ Download XML ]

VRDA-090225-001 ( CVE-2009-0114 | CVE-2009-0519 | CVE-2009-0520 | CVE-2009-0521 | CVE-2009-0522 )

Adobe - Security Advisories : APSB09-01 - Flash Player update available to address security vulnerabilities

http://www.adobe.com/support/security/bulletins/apsb09-01.html

A potential vulnerability has been identified in Adobe Flash Player 10.0.12.36 and earlier that could allow an attacker who successfully exploits this potential vulnerability to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit this potential vulnerability. Additional vulnerabilities have been addressed in this update. Adobe recommends users update to the most current version of Flash Player available for their platform.

About This Analysis Information

Analysis Information Provider:

JPCERT/CC

First Published:

2009-02-25

Source Information Category:

Other (news, forums, etc.)

Last Updated:

2009-02-25

Affected Product Tags

cpe:/a:adobe:flash_player (Adobe Flash Player)

Vulnerability Analysis Results

[Information Source Reliability]^[?]

Low^[?]

Medium^[?]

High^[?]

[Impact Level]^[?]

Low^[?]

Low-Medium^[?]

Medium-High^[?]

High^[?]

[Access Required]^[?]

Physical^[?]

Local^[?]

Non-routed^[?]

Routed^[?]

[Authentication]^[?]

Privileged^[?]

Standard^[?]

Limited^[?]

None or Unnecessary^[?]

[User Interaction Required]^[?]

Complex^[?]

Simple^[?]

None^[?]

[Technical Difficulty]^[?]

High^[?]

Medium-High^[?]

Low-Medium^[?]

Low^[?]

[Availability of Remediation]^[?]

Official Patch^[?]

Official Workaround^[?]

Unofficial Patch^[?]

None^[?]

[Incident Activity]^[?]

None^[?]

Exploit or PoC^[?]

Activity Observed^[?]

Alternatives

Common Vulnerabilities and Exposures (CVE) CVE-2009-0114

Common Vulnerabilities and Exposures (CVE) CVE-2009-0519

Common Vulnerabilities and Exposures (CVE) CVE-2009-0520

Common Vulnerabilities and Exposures (CVE) CVE-2009-0521

Common Vulnerabilities and Exposures (CVE) CVE-2009-0522

References

iDefense Labs PUBLIC ADVISORY: 02.24.09 PUBLIC ADVISORY: Adobe Flash Player Invalid Object Reference Vulnerability

Adobe Flash Player is a very popular web browser plugin. It is available for multiple web browsers and platforms, including Windows, Linux and MacOS. Flash Player enables web browsers to display rich multimedia content, such as online videos, and is often a requirement for popular websites.