Rapid7 Vulnerability & Exploit Database

Security update for Adobe AIR (CVE-2009-3951)

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

Security update for Adobe AIR (CVE-2009-3951)

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:N/A:N)

Published

12/10/2009

Created

07/25/2018

Added

03/21/2012

Modified

10/08/2015

Description

Unspecified vulnerability in the Flash Player ActiveX control in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 on Windows allows remote attackers to obtain the names of local files via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4820.

Solution(s)

adobe-air-upgrade-latest

References

https://attackerkb.com/topics/cve-2009-3951
APPLE-SA-2010-01-19-1
37199
TA09-343A
CVE - 2009-3951
60891
OVAL6663
SUSE-SA:2009:062
http://www.adobe.com/support/security/bulletins/apsb09-19.html
54637

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;