CVE-2009-1864

Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.

Published: Jul 31, 2009
Updated: Apr 13, 2023
CVE: CVE-2009-1864
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
adobe / air	1.01	1.01.x
adobe / air	-	1.5.1.x
adobe / flash_player	9.0.48.0	9.0.48.0.x
adobe / flash_player	8.0.24.0	8.0.24.0.x
adobe / air	1.5	1.5.x
adobe / air	1.0	1.0.x
adobe / flash_player	7.1.1	7.1.1.x
adobe / flash_player	9.0.124.0	9.0.124.0.x
adobe / flash_player	9.0.47.0	9.0.47.0.x
adobe / flash_player	7.0.63	7.0.63.x
adobe / flash_player	7.0.70.0	7.0.70.0.x
adobe / flash_player	10.0.12.36	10.0.12.36.x
adobe / flash_player	8.0.35.0	8.0.35.0.x
adobe / flash_player	9.0.114.0	9.0.114.0.x
adobe / flash_player	8.0	8.0.x
adobe / air	1.1	1.1.x
adobe / flash_player	9.0.20.0	9.0.20.0.x
adobe / flash_player	9.0.31.0	9.0.31.0.x
adobe / flash_player	9.0.112.0	9.0.112.0.x
adobe / flash_player	9.0.16	9.0.16.x
adobe / flash_player	10.0.0.584	10.0.0.584.x
adobe / flash_player	9.0.28.0	9.0.28.0.x
adobe / flash_player	-	10.0.22.87.x
adobe / flash_player	7.0.69.0	7.0.69.0.x
adobe / flash_player	9.0.28	9.0.28.x
adobe / flash_player	9.0.45.0	9.0.45.0.x
adobe / flex	3.0	3.0.x
adobe / flash_player	7.0	7.0.x
adobe / flash_player	7.2	7.2.x
adobe / flash_player	9.0.115.0	9.0.115.0.x
adobe / flash_player	7.0.25	7.0.25.x
adobe / flash_player	8.0.39.0	8.0.39.0.x
adobe / flash_player	8.0.34.0	8.0.34.0.x
adobe / flash_player	7.1	7.1.x
adobe / flash_player	10.0.12.10	10.0.12.10.x
adobe / flash_player	9.0.20	9.0.20.x
adobe / flash_player	7.0.1	7.0.1.x

Vulnerability Database

289,697

CVE-2009-1864