vulnerability alert CVE-2009-1862

Adobe Flash, Reader: code execution via authplay.dll

Synthesis of the vulnerability

An attacker can invite the victim to see a malicious Flash application, in order to execute code on his computer.

Severity: 3/4. Creation date: 23/07/2009.

Description of the vulnerability

The Flash Player can be called:  - from a web browser, or  - from a PDF document containing Flash data Adobe announced a vulnerability in the authplay.dll library of the Flash Player. Technical details are unknown. An attacker can therefore invite the victim to see a malicious Flash application, in order to execute code on his computer.

Complete Vigil@nce bulletin

Access to the complete Vigil@nce bulletin

Characteristics

Title: Adobe Flash, Reader: code execution via authplay.dll. Keywords: Adobe Flash PDF Player Reader authplay code execution. Identifiers: APSA09-03, APSB09-10, BID-35759, CVE-2009-1862, VIGILANCE-VUL-8881, VU#259425. Pointed by: VIGILANCE-VUL-8905.

Information sources

Publications and announces Source example: Potential Adobe Reader, Acrobat, and Flash Player issue

Solutions for this vulnerability

Patch or workaround

Computer vulnerabilities tracking service

The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Security vulnerability alerts