icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Flash Player APSB09-01 Multiple Vulnerabilities

Medium

Synopsis

The remote Windows host contains a browser plugin that is affected by multiple vulnerabilities.

Description

The remote Windows host contains a version of Adobe Flash Player that is earlier than 10.0.22.87 / 9.0.159.0. Such versions are reportedly affected by multiple vulnerabilities :

- A buffer overflow issue that could allow an attacker to execute arbitrary code with the privileges of the user running the application. (CVE-2009-0520)

- An input validation vulnerability that leads to a denial of service attack and could possibly allow for an attacker to execute arbitrary code. (CVE-2009-0519)

- A vulnerability in the Flash Player settings manager that could contribute to a clickjacking attack. (CVE-2009-0014)

- A vulnerability with the mouse pointer display that could contribute to a clickjacking attack. (CVE-2009-0522)

Solution

Upgrade to version 10.0.22.87 or higher. If you are unable to upgrade to version 10, upgrade to version 9.0.159.0 or higher.