CVE-2009-1870

N/A Unknown
Published: July 31, 2009 Modified: April 23, 2026
View on NVD

Description

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability."

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://lists.apple.com/archives/security-announce/2009/Sep/msg00003.html
Source: cve@mitre.org
http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html
Source: cve@mitre.org
http://osvdb.org/56778
Source: cve@mitre.org
http://secunia.com/advisories/36193
Source: cve@mitre.org
http://secunia.com/advisories/36374
Source: cve@mitre.org
http://secunia.com/advisories/36701
Source: cve@mitre.org
http://security.gentoo.org/glsa/glsa-200908-04.xml
Source: cve@mitre.org
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1
Source: cve@mitre.org
http://support.apple.com/kb/HT3864
Source: cve@mitre.org
http://support.apple.com/kb/HT3865
Source: cve@mitre.org
http://www.adobe.com/support/security/bulletins/apsb09-10.html
Source: cve@mitre.org
Patch Vendor Advisory
http://www.adobe.com/support/security/bulletins/apsb09-13.html
Source: cve@mitre.org
http://www.securityfocus.com/bid/35890
Source: cve@mitre.org
Patch
http://www.securityfocus.com/bid/35908
Source: cve@mitre.org
Patch
http://www.securitytracker.com/id?1022629
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2009/2086
Source: cve@mitre.org
Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/52180
Source: cve@mitre.org
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15887
Source: cve@mitre.org
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6648
Source: cve@mitre.org
http://lists.apple.com/archives/security-announce/2009/Sep/msg00003.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://osvdb.org/56778
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/36193
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/36374
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/36701
Source: af854a3a-2127-422b-91ae-364da2661108
http://security.gentoo.org/glsa/glsa-200908-04.xml
Source: af854a3a-2127-422b-91ae-364da2661108
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1
Source: af854a3a-2127-422b-91ae-364da2661108
http://support.apple.com/kb/HT3864
Source: af854a3a-2127-422b-91ae-364da2661108
http://support.apple.com/kb/HT3865
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.adobe.com/support/security/bulletins/apsb09-10.html
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.adobe.com/support/security/bulletins/apsb09-13.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/35890
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.securityfocus.com/bid/35908
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.securitytracker.com/id?1022629
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2009/2086
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/52180
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15887
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6648
Source: af854a3a-2127-422b-91ae-364da2661108

38 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.2%
41th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-200

Affected Vendors

adobe

Related CVEs

CVE-2026-6786 8.1
CVE-2026-6785 8.1
CVE-2026-7041 3.7
CVE-2026-7039 7.8
CVE-2026-7038 3.3