CVE-2009-3794 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2009-3794 Interim 1 11 2023-12-09T02:01:34Z current 2021-05-30T12:48:55Z 2023-12-09T02:01:34Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2009-3794 Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/M5PJWNC7SSNYPEMOIOWMUOINMR7PNWEH/#M5PJWNC7SSNYPEMOIOWMUOINMR7PNWEH E-Mail link for SUSE-SA:2009:062 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 flash-player-11.2.202.406-1.3 flash-player-11.2.202.548-111.1 flash-player-gnome-11.2.202.406-1.3 flash-player-gnome-11.2.202.548-111.1 flash-player-11.2.202.406-1.3 as a component of SUSE Linux Enterprise Desktop 12 flash-player-gnome-11.2.202.406-1.3 as a component of SUSE Linux Enterprise Desktop 12 flash-player-11.2.202.548-111.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 flash-player-gnome-11.2.202.548-111.1 as a component of SUSE Linux Enterprise Desktop 12 SP1 flash-player-11.2.202.406-1.3 as a component of SUSE Linux Enterprise Workstation Extension 12 flash-player-gnome-11.2.202.406-1.3 as a component of SUSE Linux Enterprise Workstation Extension 12 flash-player-11.2.202.548-111.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP1 flash-player-gnome-11.2.202.548-111.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP1 Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file. CVE-2009-3794 SUSE Linux Enterprise Desktop 12:flash-player-11.2.202.406-1.3 SUSE Linux Enterprise Desktop 12:flash-player-gnome-11.2.202.406-1.3 SUSE Linux Enterprise Desktop 12 SP1:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Desktop 12 SP1:flash-player-gnome-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12:flash-player-11.2.202.406-1.3 SUSE Linux Enterprise Workstation Extension 12:flash-player-gnome-11.2.202.406-1.3 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-11.2.202.548-111.1 SUSE Linux Enterprise Workstation Extension 12 SP1:flash-player-gnome-11.2.202.548-111.1 critical 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C