CVE-2009-0520

Common Vulnerabilities and Exposures

CVE-2009-0520 at MITRE

Details

Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a "buffer overflow issue."

Novell Bugzilla entry: 476907

SUSE Security Advisories:

SUSE-SA:2009:011, published Thu, 26 Feb 2009 16:00:00 +0000
SUSE-SA:2009:011 , published Thu, 26 Feb 2009 16:00:00 +0000
SUSE-SA:2009:041 , published Wed, 05 Aug 2009 09:00:00 +0000

Product(s)	Fixed package version(s)	References
SLED 11	`flash-player >= 10.0.22.87-1.1`	SAT Patch Nr: 566
openSUSE 10.3 openSUSE 11.0	`flash-player >= 9.0.159.0-0.1`	ZYPP Patch Nr: 6022 SAT Patch Nr: 560
openSUSE 11.1	`flash-player >= 10.0.22.87-0.1.1`	ZYPP Patch Nr: 6022 SAT Patch Nr: 560
Novell Linux Desktop 9 for x86 Novell Linux Desktop 9 for x86_64	`flash-player >= 9.0.159.0-0.1`	sles9-nld. x86-64 sles9-nld. x86 YOU Patch Nr: 12357
SLED 11	`flash-player >= 10.0.22.87-1.1.1`	sle11. x86 sle11. x86-64 SAT Patch Nr: 612
SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T SUSE Linux Enterprise Desktop 10 SP2 for x86	`flash-player >= 9.0.159.0-0.3`	sled10-sp2. x86-64 sled10-sp2. x86 ZYPP Patch Nr: 6020