| Vulnerability Name: | CVE-2020-9633 (CCN-182908) | ||||||||||||
| Assigned: | 2020-06-09 | ||||||||||||
| Published: | 2020-06-09 | ||||||||||||
| Updated: | 2021-09-16 | ||||||||||||
| Summary: | Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||||||||||
| CVSS v3 Severity: | 9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) 8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
7.7 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||||||
| Vulnerability Type: | CWE-416 | ||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2020-9633 Source: XF Type: UNKNOWN adobe-flash-cve20209633-code-exec(182908) Source: CCN Type: Adobe Security Bulletin APSB20-30 Security updates available for Adobe Flash Player Source: CONFIRM Type: Vendor Advisory https://helpx.adobe.com/security/products/flash-player/apsb20-30.html Source: GENTOO Type: Third Party Advisory GLSA-202006-09 | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration 3: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||