ID CVE-2009-0114
Summary Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking issue variant."
Vulnerable Configurations
  • cpe:2.3:a:adobe:flash_player:9.0.48.0
  • cpe:2.3:a:adobe:flash_player:9.0.47.0
  • cpe:2.3:a:adobe:flash_player:9.0.45.0
  • Adobe Flash Player 9.0.31.0
    cpe:2.3:a:adobe:flash_player:9.0.31.0
  • cpe:2.3:a:adobe:flash_player:9.0.28.0
  • Adobe Flash Player 9.0.28
    cpe:2.3:a:adobe:flash_player:9.0.28
  • cpe:2.3:a:adobe:flash_player:9.0.20.0
  • Adobe Flash Player 9.0.20
    cpe:2.3:a:adobe:flash_player:9.0.20
  • cpe:2.3:a:adobe:flash_player:9.0.16
  • Adobe Flash Player 9.0.124.0
    cpe:2.3:a:adobe:flash_player:9.0.124.0
  • cpe:2.3:a:adobe:flash_player:9.0.115.0
  • Adobe Flash Player 9.0.114.0
    cpe:2.3:a:adobe:flash_player:9.0.114.0
  • Adobe Flash Player 9.0.112.0
    cpe:2.3:a:adobe:flash_player:9.0.112.0
  • Adobe Flash Player 10.0.12.36
    cpe:2.3:a:adobe:flash_player:10.0.12.36
  • cpe:2.3:a:adobe:flash_player_for_linux:10.0.15.3
  • cpe:2.3:a:adobe:air:1.5
  • cpe:2.3:a:adobe:flash_player:cs3:-:pro
  • cpe:2.3:a:adobe:flash_player:cs4:-:pro
  • cpe:2.3:a:adobe:flex:3.0
  • Adobe Flash Player 10.0.0.584
    cpe:2.3:a:adobe:flash_player:10.0.0.584
  • Adobe Flash Player 10.0.12.10
    cpe:2.3:a:adobe:flash_player:10.0.12.10
  • cpe:2.3:a:adobe:flash_player:7.0
  • Adobe Flash MX 2004
    cpe:2.3:a:adobe:flash_player:7.0.1
  • cpe:2.3:a:adobe:flash_player:7.0.63
  • cpe:2.3:a:adobe:flash_player:7.0.63:-:linux
  • cpe:2.3:a:adobe:flash_player:7.0.69.0
  • Adobe Flash Player 7.0.70.0
    cpe:2.3:a:adobe:flash_player:7.0.70.0
  • Adobe Flash MX 2004
    cpe:2.3:a:adobe:flash_player:7.1
  • cpe:2.3:a:adobe:flash_player:7.1.1
  • cpe:2.3:a:adobe:flash_player:7.2
  • Adobe Flash Player 8.0
    cpe:2.3:a:adobe:flash_player:8.0
  • Adobe Flash 8.0.24.0
    cpe:2.3:a:adobe:flash_player:8.0.24.0
  • cpe:2.3:a:adobe:flash_player:8.0.34.0
  • cpe:2.3:a:adobe:flash_player:8.0.35.0
  • Adobe Flash Player 8.0.39.0
    cpe:2.3:a:adobe:flash_player:8.0.39.0
  • cpe:2.3:a:adobe:flash_player:8.0:-:basic
  • cpe:2.3:a:adobe:flash_player:8.0:-:pro
  • cpe:2.3:a:adobe:flash_player:7.0.25
  • Microsoft Windows
    cpe:2.3:o:microsoft:windows
CVSS
Base: 5.8 (as of 26-02-2009 - 14:10)
Impact:
Exploitability:
Access
  • Vector: NETWORK
  • Complexity: MEDIUM
  • Authentication: NONE
Impact
  • Confidentiality: NONE
  • Integrity: PARTIAL
  • Availability: PARTIAL
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_FLASH-PLAYER-6022.NASL
    description Specially crafted swf files could cause a buffer overflow in flash-player. Attackers could potentially exploit that to execute code on the victim's machine (CVE-2009-0519, CVE-2009-0520, CVE-2009-0114, CVE-2009-0521).
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 35747
    published 2009-02-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35747
    title openSUSE 10 Security Update : flash-player (flash-player-6022)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_FLASH-PLAYER-090226.NASL
    description Specially crafted swf files could cause a buffer overflow in flash-player. Attackers could potentially exploit that to execute code on the victim's machine (CVE-2009-0519, CVE-2009-0520, CVE-2009-0114, CVE-2009-0521).
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 39962
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39962
    title openSUSE Security Update : flash-player (flash-player-560)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_FLASH-PLAYER-6020.NASL
    description Specially crafted swf files could cause a buffer overflow in flash-player. Attackers could potentially exploit that to execute code on the victim's machine. (CVE-2009-0519 / CVE-2009-0520 / CVE-2009-0114 / CVE-2009-0521)
    last seen 2019-02-21
    modified 2016-12-22
    plugin id 51730
    published 2011-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51730
    title SuSE 10 Security Update : flash-player (ZYPP Patch Number 6020)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200903-23.NASL
    description The remote host is affected by the vulnerability described in GLSA-200903-23 (Adobe Flash Player: Multiple vulnerabilities)
    Multiple vulnerabilities have been discovered in Adobe Flash Player:
      • The access scope of System.setClipboard() allows ActionScript programs to execute the method without user interaction (CVE-2008-3873).
      • The access scope of FileReference.browse() and FileReference.download() allows ActionScript programs to execute the methods without user interaction (CVE-2008-4401).
      • The Settings Manager controls can be disguised as normal graphical elements. This so-called 'clickjacking' vulnerability was disclosed by Robert Hansen of SecTheory, Jeremiah Grossman of WhiteHat Security, Eduardo Vela, Matthew Mastracci of DotSpots, and Liu Die Yu of TopsecTianRongXin (CVE-2008-4503).
      • Adam Barth (UC Berkeley) and Collin Jackson (Stanford University) discovered a flaw occurring when interpreting HTTP response headers (CVE-2008-4818).
      • Nathan McFeters and Rob Carter of Ernst and Young's Advanced Security Center are credited for finding an unspecified vulnerability facilitating DNS rebinding attacks (CVE-2008-4819).
      • When used in a Mozilla browser, Adobe Flash Player does not properly interpret jar: URLs, according to a report by Gregory Fleischer of pseudo-flaw.net (CVE-2008-4821).
      • Alex 'kuza55' K. reported that Adobe Flash Player does not properly interpret policy files (CVE-2008-4822).
      • The vendor credits Stefano Di Paola of Minded Security for reporting that an ActionScript attribute is not interpreted properly (CVE-2008-4823).
      • Riley Hassell and Josh Zelonis of iSEC Partners reported multiple input validation errors (CVE-2008-4824).
      • The aforementioned researchers also reported that ActionScript 2 does not verify a member element's size when performing several known and other unspecified actions, that DefineConstantPool accepts an untrusted input value for a 'constant count' and that character elements are not validated when retrieved from a data structure, possibly resulting in a NULL pointer dereference (CVE-2008-5361, CVE-2008-5362, CVE-2008-5363).
      • The vendor reported an unspecified arbitrary code execution vulnerability (CVE-2008-5499).
      • Liu Die Yu of TopsecTianRongXin reported an unspecified flaw in the Settings Manager related to 'clickjacking' (CVE-2009-0114).
      • The vendor credits Roee Hay from IBM Rational Application Security for reporting an input validation error when processing SWF files (CVE-2009-0519).
      • Javier Vicente Vallejo reported via the iDefense VCP that Adobe Flash does not remove object references properly, leading to a freed memory dereference (CVE-2009-0520).
      • Josh Bressers of Red Hat and Tavis Ormandy of the Google Security Team reported an untrusted search path vulnerability (CVE-2009-0521).
    Impact : A remote attacker could entice a user to open a specially crafted SWF file, possibly resulting in the execution of arbitrary code with the privileges of the user or a Denial of Service (crash). Furthermore a remote attacker could gain access to sensitive information, disclose memory contents by enticing a user to open a specially crafted PDF file inside a Flash application, modify the victim's clipboard or render it temporarily unusable, persuade a user into uploading or downloading files, bypass security restrictions with the assistance of the user to gain access to camera and microphone, conduct Cross-Site Scripting and HTTP Header Splitting attacks, bypass the 'non-root domain policy' of Flash, and gain escalated privileges.
    Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 35904
    published 2009-03-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35904
    title GLSA-200903-23 : Adobe Flash Player: Multiple vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_FLASH-PLAYER-090225.NASL
    description Specially crafted swf files could cause a buffer overflow in flash-player. Attackers could potentially exploit that to execute code on the victim's machine (CVE-2009-0519, CVE-2009-0520, CVE-2009-0114, CVE-2009-0521).
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 40216
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40216
    title openSUSE Security Update : flash-player (flash-player-560)
  • NASL family Windows
    NASL id FLASH_PLAYER_APSB09_01.NASL
    description The remote Windows host contains a version of Adobe Flash Player that is earlier than 9.0.159.0 / 10.0.22.87. Such versions are reportedly affected by multiple vulnerabilities : - A buffer overflow issue that could allow an attacker to execute arbitrary code with the privileges of the user running the application. (CVE-2009-0520) - An input validation vulnerability that leads to a denial of service attack and could possibly allow for an attacker to execute arbitrary code. (CVE-2009-0519) - A vulnerability in the Flash Player settings manager that could contribute to a clickjacking attack. (CVE-2009-0014) - A vulnerability with the mouse pointer display that could contribute to a clickjacking attack. (CVE-2009-0522)
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 35742
    published 2009-02-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35742
    title Flash Player 9.0.159.0 / 10.0.22.87 Multiple Vulnerabilities (APSB09-01)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2009-002.NASL
    description The remote host is running a version of Mac OS X 10.4 that does not have Security Update 2009-002 applied. This security update contains fixes for the following products : - Apache - ATS - BIND - CoreGraphics - Cscope - CUPS - Disk Images - enscript - Flash Player plug-in - Help Viewer - IPSec - Kerberos - Launch Services - libxml - Net-SNMP - Network Time - OpenSSL - QuickDraw Manager - Spotlight - system_cmds - telnet - Terminal - X11
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 38743
    published 2009-05-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38743
    title Mac OS X Multiple Vulnerabilities (Security Update 2009-002)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_FLASH-PLAYER-090316.NASL
    description Specially crafted swf files could cause a buffer overflow in flash-player. Attackers could potentially exploit that to execute code on the victim's machine. (CVE-2009-0519 / CVE-2009-0520 / CVE-2009-0114 / CVE-2009-0521)
    last seen 2019-02-21
    modified 2016-12-21
    plugin id 41391
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41391
    title SuSE 11 Security Update : flash-player (SAT Patch Number 612)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_5_7.NASL
    description The remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.7. Mac OS X 10.5.7 contains security fixes for the following products : - Apache - ATS - BIND - CFNetwork - CoreGraphics - Cscope - CUPS - Disk Images - enscript - Flash Player plug-in - Help Viewer - iChat - International Components for Unicode - IPSec - Kerberos - Kernel - Launch Services - libxml - Net-SNMP - Network Time - Networking - OpenSSL - PHP - QuickDraw Manager - ruby - Safari - Spotlight - system_cmds - telnet - Terminal - WebKit - X11
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 38744
    published 2009-05-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38744
    title Mac OS X 10.5.x < 10.5.7 Multiple Vulnerabilities
oval via4
  • accepted 2013-02-04T04:01:12.839-05:00
    class vulnerability
    contributors
    name Shane Shaffer
    organization G2, Inc.
    definition_extensions
    • comment Adobe Flash Player is Installed
      oval oval:org.mitre.oval:def:12319
    • comment Adobe Flash Player 10 is Installed
      oval oval:org.mitre.oval:def:12412
    description Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking issue variant."
    family macos
    id oval:org.mitre.oval:def:16419
    status accepted
    submitted 2012-12-20T15:35:55.661-05:00
    title Adobe Flash Player Settings Manager May Let Remote Users Conduct Clickjacking Attacks
    version 4
  • accepted 2015-03-16T04:01:58.055-04:00
    class vulnerability
    contributors
    • name Prabhu S A
      organization SecPod Technologies
    • name J. Daniel Brown
      organization DTCC
    • name Shane Shaffer
      organization G2, Inc.
    • name Maria Kedovskaya
      organization ALTX-SOFT
    • name Maria Kedovskaya
      organization ALTX-SOFT
    • name Maria Mikhno
      organization ALTX-SOFT
    • name Maria Mikhno
      organization ALTX-SOFT
    definition_extensions
    • comment Adobe Flash Player is installed
      oval oval:org.mitre.oval:def:6700
    • comment Adobe AIR is installed
      oval oval:org.mitre.oval:def:7479
    description Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking issue variant."
    family windows
    id oval:org.mitre.oval:def:6662
    status accepted
    submitted 2009-11-30T03:25:55
    title Adobe Flash Player Settings Manager May Let Remote Users Conduct Clickjacking Attacks
    version 61
refmap via4
apple APPLE-SA-2009-05-12
cert TA09-133A
confirm
gentoo GLSA-200903-23
misc http://isc.sans.org/diary.html?storyid=5929
sectrack 1021751
secunia
  • 34226
  • 34293
  • 35074
sunalert 254909
vupen
  • ADV-2009-0513
  • ADV-2009-0743
  • ADV-2009-1297
xf flash-settings-manager-click-hijacking(48902)
Last major update 02-11-2013 - 22:47
Published 26-02-2009 - 11:17
Last modified 28-09-2017 - 21:33