CVE-2009-0520 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2009-0520 Interim 1 5 2023-12-09T02:05:56Z current 2021-05-30T12:45:51Z 2023-12-09T02:05:56Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2009-0520 Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a "buffer overflow issue." The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/33C5YWFB2G7NGGSL3BDDDXEFYQOO4KPD/#33C5YWFB2G7NGGSL3BDDDXEFYQOO4KPD E-Mail link for SUSE-SA:2009:011 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SMVYY4NW74C5W3KR2JPSFTZXY6HTNZLJ/#SMVYY4NW74C5W3KR2JPSFTZXY6HTNZLJ E-Mail link for SUSE-SA:2009:041 https://www.suse.com/support/security/rating/ SUSE Security Ratings Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a "buffer overflow issue." CVE-2009-0520 critical 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C