CVE-2009-1869

Adobe Air < 1.5.1 - Numeric Error

Title source: rule

Description

Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a large intrf_count value that triggers a dereference of an out-of-bounds pointer.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Roee Hay · textdoslinux

https://www.exploit-db.com/exploits/33134

View Code ZIP pw:eip

References (22)

Core 22

Core References

Vendor Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1

Mailing List vendor-advisory x_refsource_apple

http://lists.apple.com/archives/security-announce/2009/Sep/msg00003.html

Vendor Advisory x_refsource_confirm

http://support.apple.com/kb/HT3864

Various Sources x_refsource_confirm

http://www.adobe.com/support/security/bulletins/apsb09-13.html

Mailing List vendor-advisory x_refsource_apple

http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/52181

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-200908-04.xml

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/35907

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1022629

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/505467/100/0/threaded

Patch, Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2009/2086

Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/35890

Patch, Vendor Advisory x_refsource_confirm

http://www.adobe.com/support/security/bulletins/apsb09-10.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/36374

Various Sources x_refsource_misc

http://roeehay.blogspot.com/2009/08/exploitation-of-cve-2009-1869.html

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6998

Vendor Advisory x_refsource_confirm

http://support.apple.com/kb/HT3865

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/36193

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/56777

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/36701

Various Sources x_refsource_misc

http://roeehay.blogspot.com/2009/08/advisory-adobe-flash-player-avm2.html

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15994

Scores

EPSS 0.2195

EPSS Percentile 95.8%

Details

CWE

CWE-189

Status published

Products (37)

adobe/air 1.0

adobe/air 1.01

adobe/air 1.1

adobe/air 1.5

adobe/air < 1.5.1

adobe/flash_player 7.0

adobe/flash_player 7.0.1

adobe/flash_player 7.0.25

adobe/flash_player 7.0.63 (2 CPE variants)

adobe/flash_player 7.0.69.0

... and 27 more

Published Jul 31, 2009

Tracked Since Feb 18, 2026