Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009.
http://blogs.adobe.com/psirt/2009/07/potential_adobe_reader_and_fla.html
http://bugs.adobe.com/jira/browse/FP-1265
http://isc.sans.org/diary.html?storyid=6847
http://lists.apple.com/archives/security-announce/2009/Sep/msg00003.html
http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html
http://news.cnet.com/8301-27080_3-10293389-245.html
http://secunia.com/advisories/36193
http://secunia.com/advisories/36374
http://secunia.com/advisories/36701
http://security.gentoo.org/glsa/glsa-200908-04.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1
http://support.apple.com/kb/HT3864
http://support.apple.com/kb/HT3865
http://www.adobe.com/support/security/advisories/apsa09-03.html
http://www.adobe.com/support/security/bulletins/apsb09-10.html
http://www.adobe.com/support/security/bulletins/apsb09-13.html
http://www.kb.cert.org/vuls/id/259425
http://www.securityfocus.com/bid/35759
http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-072209-2512-99
http://www.symantec.com/connect/blogs/next-generation-flash-vulnerability
OR
cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*
OR
cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:9.0.155.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
63887 | RHEL 3 / 4 : flash-plugin (RHSA-2009:1189) | Nessus | Red Hat Local Security Checks | high |
63886 | RHEL 5 : flash-plugin (RHSA-2009:1188) | Nessus | Red Hat Local Security Checks | high |
51731 | SuSE 10 Security Update : flash-player (ZYPP Patch Number 6386) | Nessus | SuSE Local Security Checks | high |
42001 | openSUSE 10 Security Update : flash-player (flash-player-6387) | Nessus | SuSE Local Security Checks | high |
41392 | SuSE 11 Security Update : flash-player (SAT Patch Number 1149) | Nessus | SuSE Local Security Checks | high |
800786 | Mac OS X 10.6 < 10.6.1 Multiple Vulnerabilities | Log Correlation Engine | Operating System Detection | high |
5162 | Mac OS X 10.6 < 10.6.1 Multiple Vulnerabilities | Nessus Network Monitor | Generic | critical |
40946 | Mac OS X 10.6.x < 10.6.1 Multiple Vulnerabilities | Nessus | MacOS X Local Security Checks | critical |
40945 | Mac OS X Multiple Vulnerabilities (Security Update 2009-005) | Nessus | MacOS X Local Security Checks | critical |
40806 | Adobe Acrobat < 9.1.3 Flash Handling Unspecified Arbitrary Code Execution | Nessus | Windows | high |
40520 | GLSA-200908-04 : Adobe products: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
40494 | Adobe Reader < 9.1.3 Flash Handling Unspecified Arbitrary Code Execution (APSB09-10) | Nessus | Windows | high |
40489 | openSUSE Security Update : flash-player (flash-player-1148) | Nessus | SuSE Local Security Checks | high |
40488 | openSUSE Security Update : flash-player (flash-player-1148) | Nessus | SuSE Local Security Checks | high |
5109 | Adobe AIR < 1.5.2 Multiple Vulnerabilities (APSB09-10) | Nessus Network Monitor | Web Clients | medium |
40447 | Adobe AIR < 1.5.2 Multiple Vulnerabilities (APSB09-10) | Nessus | Windows | high |
40434 | Flash Player < 9.0.246.0 / 10.0.32.18 Multiple Vulnerabilities (APSB09-10) | Nessus | Windows | high |