| Revision Date: | 2015-08-03 | Version: | 47 |
| Title: | Adobe Flash Player and AIR JPEG File Parsing Heap Buffer Overflow Vulnerability |
| Description: | Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file. |
| Family: | windows | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2009-3794
|
| Platform(s): | Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Microsoft Windows XP
| Product(s): | Adobe AIR
Adobe Flash Player
|
| Definition Synopsis |
| Vulnerable version of Adobe AIR Adobe AIR is installed
AND Adobe AIR version is less than 1.5.3
OR Vulnerable version of Adobe Flash Player
Adobe Flash Player is installed
AND Adobe Flash Player version installed on the system is less than or equal 10.0.42.34
OR Flash.ocx section
ActiveX Control is installed
AND Determine if the version of Flash.ocx is less than or equal 10.0.42.34
|