HIGH 7.8
KEV
CVE-2009-1862
Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009.
CVSS v3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA Known Exploited Vulnerability
- Ajouté au KEV
- 2022-06-08
- Deadline remédiation
- 2022-06-22
- Action requise
- For Adobe Acrobat and Reader, apply updates per vendor instructions. For Adobe Flash Player, the impacted product is end-of-life and should be disconnected if still in use.
- Ransomware
- Non
Apps mobiles affectées
Configurations CPE vulnérables
| Vendor | Produit | Plateforme | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| adobe | acrobat_reader | Android | ≥9.0 ≤9.1.2 | cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:* |
| adobe | acrobat_reader | iOS | ≥9.0 ≤9.1.2 | cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:* |