CVE-2009-0520

N/A Unknown

Published: February 26, 2009 Modified: April 23, 2026

Description

Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a "buffer overflow issue."

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://isc.sans.org/diary.html?storyid=5929

Source: cve@mitre.org

Patch

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=773

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

Source: cve@mitre.org

http://rhn.redhat.com/errata/RHSA-2009-0332.html

Source: cve@mitre.org

http://rhn.redhat.com/errata/RHSA-2009-0334.html

Source: cve@mitre.org

http://secunia.com/advisories/34012

Source: cve@mitre.org

http://secunia.com/advisories/34226

Source: cve@mitre.org

http://secunia.com/advisories/34293

Source: cve@mitre.org

http://secunia.com/advisories/35074

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200903-23.xml

Source: cve@mitre.org

http://securitytracker.com/id?1021750

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-66-254909-1

Source: cve@mitre.org

http://support.apple.com/kb/HT3549

Source: cve@mitre.org

http://www.adobe.com/support/security/bulletins/apsb09-01.html

Source: cve@mitre.org

Patch Vendor Advisory

http://www.securityfocus.com/bid/33880

Source: cve@mitre.org

Patch

http://www.us-cert.gov/cas/techalerts/TA09-133A.html

Source: cve@mitre.org

US Government Resource

http://www.vupen.com/english/advisories/2009/0513

Source: cve@mitre.org

Patch

http://www.vupen.com/english/advisories/2009/0743

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/1297

Source: cve@mitre.org

https://bugzilla.redhat.com/show_bug.cgi?id=487142

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/48887

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16057

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6593

Source: cve@mitre.org

http://isc.sans.org/diary.html?storyid=5929

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=773

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2009-0332.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2009-0334.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/34012

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/34226

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/34293

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35074

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-200903-23.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1021750

Source: af854a3a-2127-422b-91ae-364da2661108

http://sunsolve.sun.com/search/document.do?assetkey=1-66-254909-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT3549

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.adobe.com/support/security/bulletins/apsb09-01.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://www.securityfocus.com/bid/33880

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.us-cert.gov/cas/techalerts/TA09-133A.html

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.vupen.com/english/advisories/2009/0513

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.vupen.com/english/advisories/2009/0743

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2009/1297

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=487142

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/48887

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16057

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6593

Source: af854a3a-2127-422b-91ae-364da2661108

46 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

22.2%

96th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

adobe

Related CVEs

CVE-2026-6977 7.3

CVE-2026-31685 N/A

CVE-2026-31684 N/A

CVE-2026-31683 N/A

CVE-2026-31682 N/A