CVE-2009-3799 : Detail

CVE-2009-3799

51.7%V3
Network
2009-12-10
18h00 +00:00
2018-10-10
16h57 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

Integer overflow in the Verifier::parseExceptionHandlers function in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via an SWF file with a large exception_count value that triggers memory corruption, related to "generation of ActionScript exception handlers."

CVE Informations

Related Weaknesses

CWE-ID Weakness Name Source
CWE-189 Category : Numeric Errors
Weaknesses in this category are related to improper calculation or conversion of numbers.

Metrics

Metrics Score Severity CVSS Vector Source
V2 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
EPSS V0
EPSS V1
EPSS V2
EPSS V3
60.0060.0050.0050.0040.0040.0030.0030.0020.0020.0010.0010.000.000.009.92%9.92%9.92%18.66%27.83%26.57%20.63%19.48%21.26%24.59%33.08%43.07%50.19%51.7%Jul '22Jul '2220232023Jul '23Jul '2320242024Jul '24Jul '2420252025
Download SVG
Download PNG
Download CSV

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
9999969693939090878788%94%95%96%96%96%96%96%96%96%97%97%97%97%98%98%98%Jul '22Jul '2220232023Jul '23Jul '2320242024Jul '24Jul '2420252025
Download SVG
Download PNG
Download CSV

Products Mentioned

Configuraton 0

Adobe>>Adobe_air >> Version To (including) 1.5.2

Adobe>>Adobe_air >> Version 1.0

Adobe>>Adobe_air >> Version 1.0.1

Adobe>>Adobe_air >> Version 1.1

Adobe>>Adobe_air >> Version 1.5.1

Adobe>>Flash_player >> Version To (including) 10.0.32.18

Adobe>>Flash_player >> Version 7.0

Adobe>>Flash_player >> Version 7.0.1

Adobe>>Flash_player >> Version 7.0.25

Adobe>>Flash_player >> Version 7.0.63

Adobe>>Flash_player >> Version 7.0.69.0

Adobe>>Flash_player >> Version 7.0.70.0

Adobe>>Flash_player >> Version 7.1

Adobe>>Flash_player >> Version 7.1.1

Adobe>>Flash_player >> Version 7.2

Adobe>>Flash_player >> Version 8

    Adobe>>Flash_player >> Version 8

      Adobe>>Flash_player >> Version 8.0

      Adobe>>Flash_player >> Version 8.0

        Adobe>>Flash_player >> Version 8.0

          Adobe>>Flash_player >> Version 8.0.24.0

          Adobe>>Flash_player >> Version 8.0.34.0

          Adobe>>Flash_player >> Version 8.0.35.0

          Adobe>>Flash_player >> Version 8.0.39.0

          Adobe>>Flash_player >> Version 9.0

          Adobe>>Flash_player >> Version 9.0.16

          Adobe>>Flash_player >> Version 9.0.18d60

          Adobe>>Flash_player >> Version 9.0.20

          Adobe>>Flash_player >> Version 9.0.20.0

          Adobe>>Flash_player >> Version 9.0.28

          Adobe>>Flash_player >> Version 9.0.28.0

          Adobe>>Flash_player >> Version 9.0.31

          Adobe>>Flash_player >> Version 9.0.31.0

          Adobe>>Flash_player >> Version 9.0.45.0

          Adobe>>Flash_player >> Version 9.0.47.0

          Adobe>>Flash_player >> Version 9.0.112.0

          Adobe>>Flash_player >> Version 9.0.114.0

          Adobe>>Flash_player >> Version 9.0.115.0

          Adobe>>Flash_player >> Version 9.0.124.0

          Adobe>>Flash_player >> Version 9.0.155.0

          Adobe>>Flash_player >> Version 9.0.159.0

          Adobe>>Flash_player >> Version 9.125.0

          Adobe>>Flash_player >> Version 10.0.0.584

          Adobe>>Flash_player >> Version 10.0.12.10

          Adobe>>Flash_player >> Version 10.0.12.36

          Adobe>>Flash_player >> Version 10.0.22.87

          References

          http://www.redhat.com/support/errata/RHSA-2009-1657.html
          Tags : vendor-advisory, x_refsource_REDHAT
          http://securitytracker.com/id?1023307
          Tags : vdb-entry, x_refsource_SECTRACK
          http://osvdb.org/60889
          Tags : vdb-entry, x_refsource_OSVDB
          http://support.apple.com/kb/HT4004
          Tags : x_refsource_CONFIRM
          http://www.vupen.com/english/advisories/2009/3456
          Tags : vdb-entry, x_refsource_VUPEN
          http://secunia.com/advisories/37584
          Tags : third-party-advisory, x_refsource_SECUNIA
          http://secunia.com/advisories/37902
          Tags : third-party-advisory, x_refsource_SECUNIA
          http://securitytracker.com/id?1023306
          Tags : vdb-entry, x_refsource_SECTRACK
          http://www.redhat.com/support/errata/RHSA-2009-1658.html
          Tags : vendor-advisory, x_refsource_REDHAT
          http://www.us-cert.gov/cas/techalerts/TA09-343A.html
          Tags : third-party-advisory, x_refsource_CERT
          http://secunia.com/advisories/38241
          Tags : third-party-advisory, x_refsource_SECUNIA
          http://www.securityfocus.com/bid/37199
          Tags : vdb-entry, x_refsource_BID
          http://www.vupen.com/english/advisories/2010/0173
          Tags : vdb-entry, x_refsource_VUPEN