2009-1862 | Adobe Flash Player authplay.dll code injection (BID-35759 / XFDB-51954)

CVSS Meta Temp Score Current Exploit Price (≈) CTI Interest Score
10.0 $5k-$25k 0.25

A vulnerability, which was classified as very critical, has been found in Adobe Flash Player up to (Multimedia Player Software). This issue affects an unknown function in the library authplay.dll. The manipulation with an unknown input leads to a privilege escalation vulnerability. Using CWE to declare the problem leads to CWE-94. Impacted is confidentiality, integrity, and availability. The summary by CVE is:

Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through and 10.x through, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009.

The weakness was presented 07/23/2009 with Adobe as confirmed advisory (CERT.org). The advisory is shared at kb.cert.org. The identification of this vulnerability is CVE-2009-1862 since 06/01/2009. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Technical details are known, but no exploit is available. The price for an exploit might be around USD $5k-$25k at the moment (estimation calculated on 08/12/2021). It is expected to see the exploit prices for this product decreasing in the near future.

The vulnerability scanner Nessus provides a plugin with the ID 40434 (Flash Player Windows. The commercial vulnerability scanner Qualys is able to test this issue with plugin 116529 (Adobe Acrobat and Reader Remote Code Execution Vulnerabilities (APSA09-03 and APSB09-10)).

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 8348.

The vulnerability is also documented in the databases at SecurityFocus (BID 35759), X-Force (51954), Secunia (SA36193), Vulnerability Center (SBV-22959) and Tenable (40434). See 4049, 49229, 49228 and 49227 for similar entries.




VulDB Meta Base Score: 10.0
VulDB Meta Temp Score: 10.0

VulDB Base Score: 10.0
VulDB Temp Score: 10.0
VulDB Vector: 🔍
VulDB Reliability: 🔍

🔍 🔍 🔍 🔍 🔍 🔍
🔍 🔍 🔍 🔍 🔍 🔍
🔍 🔍 🔍 🔍 🔍 🔍
Vector Complexity Authentication Confidentiality Integrity Availability
unlock unlock unlock unlock unlock unlock
unlock unlock unlock unlock unlock unlock
unlock unlock unlock unlock unlock unlock

VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍

NVD Base Score: 🔍

Class: Privilege escalation
ATT&CK: Unknown

Local: No
Remote: Yes

Availability: 🔍
Status: Not defined

Price Prediction: 🔍
Current Price Estimation: 🔍

0-Day unlock unlock unlock unlock
Today unlock unlock unlock unlock

Nessus ID: 40434
Nessus Name: Flash Player Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍

OpenVAS ID: 64645
OpenVAS Name: Gentoo Security Advisory GLSA 200908-04 (adobe-flash acroread)
OpenVAS File: 🔍
OpenVAS Family: 🔍

Saint ID: exploit_info/flash_authplay
Saint Name: Adobe Flash Player authplay.dll vulnerability

Qualys ID: 🔍
Qualys Name: 🔍

Threat Intelligenceinfoedit

Interest: 🔍
Active Actors: 🔍
Active APT Groups: 🔍Recommended: no mitigation known
Status: 🔍

0-Day Time: 🔍
TippingPoint: 🔍

McAfee IPS: 🔍
McAfee IPS Version: 🔍

PaloAlto IPS: 🔍

06/01/2009 🔍
07/21/2009 +50 days 🔍
07/21/2009 +0 days 🔍
07/23/2009 +2 days 🔍
07/23/2009 +0 days 🔍
07/26/2009 +3 days 🔍
07/30/2009 +4 days 🔍
08/07/2009 +8 days 🔍
03/18/2015 +2049 days 🔍
08/12/2021 +2339 days 🔍Vendor: https://www.adobe.com/

Advisory: kb.cert.org
Organization: Adobe
Status: Confirmed
Confirmation: 🔍

CVE: CVE-2009-1862 (🔍)

SecurityFocus: 35759 – Adobe Acrobat, Reader, and Flash Player Remote Code Execution Vulnerability
Secunia: 36193 – Gentoo update for adobe-flash and acroread, Highly Critical
X-Force: 51954
Vulnerability Center: 22959 – [APSB09-10, APSB09-03] Adobe Reader and Acrobat 9- 9.1.2 and Flash Player 9-, 10- Remote Code Execution, Medium

See also: 🔍

Created: 03/18/2015 15:15
Updated: 08/12/2021 20:45
Changes: (3) source_nessus_risk exploit_price_0day vulnerability_cvss2_nvd_basescore
Complete: 🔍

Download the whitepaper to learn more about our service!

Source link