|
|
Log in / Subscribe / Register

flash-plugin: multiple vulnerabilities

Package(s):flash-plugin CVE #(s):CVE-2009-1862 CVE-2009-1863 CVE-2009-1864 CVE-2009-1865 CVE-2009-1866 CVE-2009-1867 CVE-2009-1868 CVE-2009-1869 CVE-2009-1870
Created:July 31, 2009 Updated:August 7, 2009
Description: From the Red Hat advisory:

Multiple security flaws were found in the way Flash Player displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, possibly, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content. (CVE-2009-1862, CVE-2009-1863, CVE-2009-1864, CVE-2009-1865, CVE-2009-1866, CVE-2009-1868, CVE-2009-1869)

A clickjacking flaw was discovered in Flash Player. A specially-crafted SWF file could trick a user into unintentionally or mistakenly clicking a link or a dialog. (CVE-2009-1867)

A flaw was found in the Flash Player local sandbox. A specially-crafted SWF file could cause information disclosure when it was saved to the hard drive. (CVE-2009-1870)

Alerts:
Gentoo 200908-04 adobe-flash 2009-08-07
SuSE SUSE-SA:2009:041 flash-player 2009-08-05
Red Hat RHSA-2009:1189-01 flash-plugin 2009-07-31
Red Hat RHSA-2009:1188-01 flash-plugin 2009-07-31
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds