CyberSec.Space Logo
Back to CVE Browser

CVE-2009-1862

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score89.4880%
EPSS Percentile91.72th
PublishedJul 23, 2009
Last ModifiedApr 22, 2026

Vulnerability Description

Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009.

Affected Platforms (CPE)

πŸ“¦
Adobe

Acrobat

>= 9.0 and <= 9.1.2
πŸ“¦
Adobe

Acrobat Reader

>= 9.0 and <= 9.1.2
πŸ“¦
Adobe

Flash Player

>= 9.0 and <= 9.0.159.0
πŸ“¦
Adobe

Flash Player

>= 10.0 and <= 10.0.22.87

References & Advisories

πŸ”— http://blogs.adobe.com/psirt/2009/07/potential_adobe_reader_and_fla.html
πŸ”— http://bugs.adobe.com/jira/browse/FP-1265
πŸ”— http://isc.sans.org/diary.html?storyid=6847
πŸ”— http://lists.apple.com/archives/security-announce/2009/Sep/msg00003.html
πŸ”— http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html
πŸ”— http://news.cnet.com/8301-27080_3-10293389-245.html
πŸ”— http://secunia.com/advisories/36193
πŸ”— http://secunia.com/advisories/36374

Related Vulnerabilities

CVE-2004-063110.0

Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions...

CVE-2004-115210.0

Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary c...

CVE-2004-063010.0

The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those bef...

CVE-2004-115310.0

Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (appl...