CVE-2009-3799

Publication date 10 December 2009

Last updated 24 July 2024

Ubuntu priority

Description

Integer overflow in the Verifier::parseExceptionHandlers function in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via an SWF file with a large exception_count value that triggers memory corruption, related to "generation of ActionScript exception handlers."

Status

Show unmaintained releases

Package	Ubuntu Release	Status
flashplugin-nonfree	10.04 LTS lucid	Not affected
	9.10 karmic	Fixed 10.0.42.34ubuntu0.9.10.1
	9.04 jaunty	Fixed 10.0.42.34ubuntu0.9.04.1
	8.10 intrepid	Fixed 10.0.42.34ubuntu0.8.10.1
	8.04 LTS hardy	Fixed 0.0.1.218+really9.0.260.0ubuntu1
	6.06 LTS dapper	Ignored end of life

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2009-3799