Launchpad CVE tracker

CVE 2009-0520

Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a "buffer overflow issue."

Related bugs and status

CVE-2009-0520 (Candidate) is related to these bugs:

Bug #334134: flashplugin-nonfree update needed due to upstream change(APSB09-01)

		In	Importance	Status
334134	flashplugin-nonfree update needed due to upstream change(APSB09-01)	flashplugin-nonfree (Ubuntu)	High	Fix Released
334134	flashplugin-nonfree update needed due to upstream change(APSB09-01)	flashplugin-nonfree (Ubuntu Gutsy)	High	Fix Released
334134	flashplugin-nonfree update needed due to upstream change(APSB09-01)	flashplugin-nonfree (Ubuntu Hardy)	High	Fix Released
334134	flashplugin-nonfree update needed due to upstream change(APSB09-01)	flashplugin-nonfree (Ubuntu Intrepid)	High	Fix Released
334134	flashplugin-nonfree update needed due to upstream change(APSB09-01)	flashplugin-nonfree (Ubuntu Jaunty)	High	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2009-0520

References