Vulnerabilities > Adobe > Flash Player > 3

DATE CVE VULNERABILITY TITLE RISK
2009-12-10 CVE-2009-3798 Resource Management Errors vulnerability in Adobe AIR and Flash Player
Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.
network
adobe CWE-399
critical
9.3
2009-12-10 CVE-2009-3796 Code Injection vulnerability in Adobe AIR and Flash Player
Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors, related to a "data injection vulnerability."
network
adobe CWE-94
critical
9.3
2009-12-10 CVE-2009-3794 Buffer Errors vulnerability in Adobe AIR and Flash Player
Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file.
network
adobe CWE-119
critical
9.3
2009-07-31 CVE-2009-1870 Information Exposure vulnerability in Adobe Air, Flash Player and Flex
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability."
local
low complexity
adobe CWE-200
4.9
2009-07-31 CVE-2009-1869 Numeric Errors vulnerability in Adobe Air, Flash Player and Flex
Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a large intrf_count value that triggers a dereference of an out-of-bounds pointer.
network
adobe CWE-189
critical
9.3
2009-07-31 CVE-2009-1868 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Air, Flash Player and Flex
Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving URL parsing.
network
adobe CWE-119
critical
9.3
2009-07-31 CVE-2009-1867 Link Following vulnerability in Adobe Air, Flash Player and Flex
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "clickjacking vulnerability."
network
adobe CWE-59
4.3
2009-07-31 CVE-2009-1866 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Air, Flash Player and Flex
Stack-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
network
adobe CWE-119
critical
9.3
2009-07-31 CVE-2009-1865 Multiple Security vulnerability in RETIRED: Adobe Flash Player and AIR
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, related to a "null pointer vulnerability."
network
adobe
critical
9.3
2009-07-31 CVE-2009-1864 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Air, Flash Player and Flex
Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
network
adobe CWE-119
critical
9.3