VDB
GSD-2009-1862
GSD-2009-1862
PUBLISHED
CVSS 7.800000190734863 HIGH
Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009.
Risk Scores
CVSS v3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
Timeline
- May 5, 2008 CVE Published
- Jun 14, 2023 PoC Published
- Dec 24, 2024 PoC Published
- Feb 23, 2025 PoC Published
- Aug 31, 2025 PoC Published
- Aug 31, 2025 PoC Published
- Feb 2, 2026 PoC Published
- Apr 16, 2026 Security Advisory
- Apr 16, 2026 Security Advisory
References
- 266108 vendor-advisory
- http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-072209-2512-99 url
- APPLE-SA-2009-09-10-1 vendor-advisory
- http://isc.sans.org/diary.html?storyid=6847 url
- http://www.adobe.com/support/security/bulletins/apsb09-13.html url
- http://blogs.adobe.com/psirt/2009/07/potential_adobe_reader_and_fla.html url
- http://www.symantec.com/connect/blogs/next-generation-flash-vulnerability url
- APPLE-SA-2009-09-10-2 vendor-advisory
- http://bugs.adobe.com/jira/browse/FP-1265 url
- http://www.adobe.com/support/security/bulletins/apsb09-10.html url
- 36374 third-party-advisory
- 36193 third-party-advisory
- 36701 third-party-advisory
- http://www.adobe.com/support/security/advisories/apsa09-03.html url
- http://news.cnet.com/8301-27080_3-10293389-245.html url
- 35759 vdb
- VU#259425 advisory
- GLSA-200908-04 advisory
- http://support.apple.com/kb/HT3864 advisory
- http://support.apple.com/kb/HT3865 advisory
…and 1 more