CVE-2009-3951

Adobe Flash Player <10.0.42.34 - Info Disclosure

Title source: llm
STIX 2.1

Description

Unspecified vulnerability in the Flash Player ActiveX control in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 on Windows allows remote attackers to obtain the names of local files via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4820.

References (15)

Core 15
Core References
Patch vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1023307
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6663
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT4004
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2010/Jan/msg00000.html
Patch, Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/3456
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/37584
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/37902
Patch, Vendor Advisory x_refsource_confirm
http://www.adobe.com/support/security/bulletins/apsb09-19.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/60891
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA09-343A.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/38241
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/54637
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/37199
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0173

Scores

EPSS 0.0381
EPSS Percentile 88.8%

Details

CWE
CWE-200
Status published
Products (44)
adobe/adobe_air 1.0
adobe/adobe_air 1.0.1
adobe/adobe_air 1.1
adobe/adobe_air 1.5.1
adobe/adobe_air < 1.5.2
adobe/flash_player 7.0
adobe/flash_player 7.0.1
adobe/flash_player 7.0.25
adobe/flash_player 7.0.63
adobe/flash_player 7.0.69.0
... and 34 more
Published Dec 10, 2009
Tracked Since Feb 18, 2026