CVE-2009-1870

high

Description

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6648

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15887

https://exchange.xforce.ibmcloud.com/vulnerabilities/52180

http://www.vupen.com/english/advisories/2009/2086

http://www.securitytracker.com/id?1022629

http://www.securityfocus.com/bid/35908

http://www.securityfocus.com/bid/35890

http://www.adobe.com/support/security/bulletins/apsb09-13.html

http://www.adobe.com/support/security/bulletins/apsb09-10.html

http://support.apple.com/kb/HT3865

http://support.apple.com/kb/HT3864

http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1

http://security.gentoo.org/glsa/glsa-200908-04.xml

http://secunia.com/advisories/36701

http://secunia.com/advisories/36374

http://secunia.com/advisories/36193

http://osvdb.org/56778

http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html

http://lists.apple.com/archives/security-announce/2009/Sep/msg00003.html

Details

Source: Mitre, NVD

Published: 2009-07-31

Updated: 2025-04-09

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00181

Detections

Analytics