Signature Detail

HTTP: Adobe Flash Player CVE-2009-1862 Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Adobe Acrobat and Reader. A successful attack can lead to arbitrary code execution.

Extended Description

Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009.

Affected Products

• adobe acrobat 9.0
• adobe acrobat 9.1
• adobe acrobat 9.1.1
• adobe acrobat 9.1.2
• adobe acrobat_reader 9.0
• adobe acrobat_reader 9.1
• adobe acrobat_reader 9.1.1
• adobe acrobat_reader 9.1.2
• adobe flash_player 10.0.0.584
• adobe flash_player 10.0.12.10
• adobe flash_player 10.0.12.36
• adobe flash_player 10.0.22.87
• adobe flash_player 9.0.112.0
• adobe flash_player 9.0.114.0
• adobe flash_player 9.0.115.0
• adobe flash_player 9.0.124.0
• adobe flash_player 9.0.155.0
• adobe flash_player 9.0.159.0
• adobe flash_player 9.0.16
• adobe flash_player 9.0.18d60
• adobe flash_player 9.0.20
• adobe flash_player 9.0.20.0
• adobe flash_player 9.0.28
• adobe flash_player 9.0.28.0
• adobe flash_player 9.0.31
• adobe flash_player 9.0.31.0
• adobe flash_player 9.0.45.0
• adobe flash_player 9.0.47.0
• adobe flash_player 9.0.48.0
• adobe flash_player 9.125.0

References

• CVE: CVE-2009-1862