CVE-2009-1870

medium

Description

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability."

References

http://lists.apple.com/archives/security-announce/2009/Sep/msg00003.html

http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html

http://secunia.com/advisories/36193

http://secunia.com/advisories/36374

http://secunia.com/advisories/36701

http://security.gentoo.org/glsa/glsa-200908-04.xml

https://exchange.xforce.ibmcloud.com/vulnerabilities/52180

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15887

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6648

http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1

http://support.apple.com/kb/HT3864

http://support.apple.com/kb/HT3865

http://www.adobe.com/support/security/bulletins/apsb09-10.html

http://www.adobe.com/support/security/bulletins/apsb09-13.html

http://www.securitytracker.com/id?1022629

http://www.vupen.com/english/advisories/2009/2086

Details

Published: 2009-07-31

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N

Severity: Medium

Detections

Analytics