CVE-2009-1862high
Description
Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009.
References
http://blogs.adobe.com/psirt/2009/07/potential_adobe_reader_and_fla.html
http://bugs.adobe.com/jira/browse/FP-1265
http://isc.sans.org/diary.html?storyid=6847
http://lists.apple.com/archives/security-announce/2009/Sep/msg00003.html
http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html
http://news.cnet.com/8301-27080_3-10293389-245.html
http://secunia.com/advisories/36193
http://secunia.com/advisories/36374
http://secunia.com/advisories/36701
http://security.gentoo.org/glsa/glsa-200908-04.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1
http://support.apple.com/kb/HT3864
http://support.apple.com/kb/HT3865
http://www.adobe.com/support/security/advisories/apsa09-03.html
http://www.adobe.com/support/security/bulletins/apsb09-10.html
http://www.adobe.com/support/security/bulletins/apsb09-13.html
http://www.kb.cert.org/vuls/id/259425
http://www.securityfocus.com/bid/35759
http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-072209-2512-99
http://www.symantec.com/connect/blogs/next-generation-flash-vulnerability