CVE-2009-0521 — MEDIUM (4.6)

Q: How severe is CVE-2009-0521?

CVE-2009-0521 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2009-0521?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player For Linux, Linux Linux Kernel.

Vulnerability Description

Untrusted search path vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Linux allows local users to obtain sensitive information or gain privileges via a crafted library in a directory contained in the RPATH.

CVSS Score

4.6

MEDIUM

AV:L/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Adobe	Flash Player For Linux	<= 10.0.15.3
Linux	Linux Kernel	-

Related Weaknesses (CWE)

CWE-200

References

http://isc.sans.org/diary.html?storyid=5929Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2009-0332.htmlThird Party Advisory
http://secunia.com/advisories/34012Broken Link
http://secunia.com/advisories/34226Broken Link
http://security.gentoo.org/glsa/glsa-200903-23.xmlThird Party Advisory
http://www.adobe.com/support/security/bulletins/apsb09-01.htmlPatchVendor Advisory
http://www.vupen.com/english/advisories/2009/0513Broken LinkPatchVendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=487144Issue TrackingThird Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/48904Third Party AdvisoryVDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
http://isc.sans.org/diary.html?storyid=5929Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2009-0332.htmlThird Party Advisory
http://secunia.com/advisories/34012Broken Link
http://secunia.com/advisories/34226Broken Link
http://security.gentoo.org/glsa/glsa-200903-23.xmlThird Party Advisory

FAQ

What is CVE-2009-0521?

CVE-2009-0521 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Untrusted search path vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Linux allows local users to obtain sensitive information or gain privileges via a crafted l...

How severe is CVE-2009-0521?

CVE-2009-0521 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2009-0521?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player For Linux, Linux Linux Kernel.