What is the severity of CVE-2009-3796?

CVE-2009-3796 has a high severity rating due to its potential to allow attackers to execute arbitrary code.

How do I fix CVE-2009-3796?

To fix CVE-2009-3796, update Adobe Flash Player to version 10.0.42.34 or later and Adobe AIR to version 1.5.3 or later.

What type of vulnerability is CVE-2009-3796?

CVE-2009-3796 is a data injection vulnerability that can lead to arbitrary code execution.

Which software versions are affected by CVE-2009-3796?

Adobe Flash Player before version 10.0.42.34 and Adobe AIR before version 1.5.3 are affected by CVE-2009-3796.

How can attackers exploit CVE-2009-3796?

Attackers can exploit CVE-2009-3796 through unspecified vectors to inject data and execute arbitrary code.

Vulnerability/
CVE-2009-3796

critical

9.3

CWE

8/12/2009

10/12/2009

7/8/2024

CVE-2009-3796: Code Injection

First published: Tue Dec 08 2009(Updated: )

Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors, related to a "data injection vulnerability."

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
redhat/flash-plugin	<0:9.0.260.0-1.el3	0:9.0.260.0-1.el3
redhat/flash-plugin	<0:9.0.260.0-1.el4	0:9.0.260.0-1.el4
redhat/flash-plugin	<0:10.0.42.34-1.el5	0:10.0.42.34-1.el5
Adobe AIR SDK	<=1.5.2
Adobe AIR SDK	=1.0
Adobe AIR SDK	=1.0.1
Adobe AIR SDK	=1.1
Adobe AIR SDK	=1.5.1
Adobe Acrobat Reader	<=10.0.32.18
Adobe Acrobat Reader	=7.0
Adobe Acrobat Reader	=7.0.1
Adobe Acrobat Reader	=7.0.25
Adobe Acrobat Reader	=7.0.63
Adobe Acrobat Reader	=7.0.69.0
Adobe Acrobat Reader	=7.0.70.0
Adobe Acrobat Reader	=7.1
Adobe Acrobat Reader	=7.1.1
Adobe Acrobat Reader	=7.2
Adobe Acrobat Reader	=8
Adobe Acrobat Reader	=8
Adobe Acrobat Reader	=8.0
Adobe Acrobat Reader	=8.0
Adobe Acrobat Reader	=8.0
Adobe Acrobat Reader	=8.0.24.0
Adobe Acrobat Reader	=8.0.34.0
Adobe Acrobat Reader	=8.0.35.0
Adobe Acrobat Reader	=8.0.39.0
Adobe Acrobat Reader	=9.0
Adobe Acrobat Reader	=9.0.16
Adobe Acrobat Reader	=9.0.18d60
Adobe Acrobat Reader	=9.0.20
Adobe Acrobat Reader	=9.0.20.0
Adobe Acrobat Reader	=9.0.28
Adobe Acrobat Reader	=9.0.28.0
Adobe Acrobat Reader	=9.0.31
Adobe Acrobat Reader	=9.0.31.0
Adobe Acrobat Reader	=9.0.45.0
Adobe Acrobat Reader	=9.0.47.0
Adobe Acrobat Reader	=9.0.112.0
Adobe Acrobat Reader	=9.0.114.0
Adobe Acrobat Reader	=9.0.115.0
Adobe Acrobat Reader	=9.0.124.0
Adobe Acrobat Reader	=9.0.155.0
Adobe Acrobat Reader	=9.0.159.0
Adobe Acrobat Reader	=9.125.0
Adobe Acrobat Reader	=10.0.0.584
Adobe Acrobat Reader	=10.0.12.10
Adobe Acrobat Reader	=10.0.12.36
Adobe Acrobat Reader	=10.0.22.87

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

What is the severity of CVE-2009-3796?
CVE-2009-3796 has a high severity rating due to its potential to allow attackers to execute arbitrary code.
How do I fix CVE-2009-3796?
To fix CVE-2009-3796, update Adobe Flash Player to version 10.0.42.34 or later and Adobe AIR to version 1.5.3 or later.
What type of vulnerability is CVE-2009-3796?
CVE-2009-3796 is a data injection vulnerability that can lead to arbitrary code execution.
Which software versions are affected by CVE-2009-3796?
Adobe Flash Player before version 10.0.42.34 and Adobe AIR before version 1.5.3 are affected by CVE-2009-3796.
How can attackers exploit CVE-2009-3796?
Attackers can exploit CVE-2009-3796 through unspecified vectors to inject data and execute arbitrary code.

agent/type
agent/first-publish-date
agent/references
agent/severity
agent/remedy
agent/weakness
agent/author
agent/description
collector/redhat-cve
source/Red Hat
agent/software-canonical-lookup
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/trending
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
package-manager/redhat
vendor/adobe
canonical/adobe air sdk
version/adobe air sdk/1.5.2
version/adobe air sdk/1.0
version/adobe air sdk/1.0.1
version/adobe air sdk/1.1
version/adobe air sdk/1.5.1
canonical/adobe acrobat reader
version/adobe acrobat reader/10.0.32.18
version/adobe acrobat reader/7.0
version/adobe acrobat reader/7.0.1
version/adobe acrobat reader/7.0.25
version/adobe acrobat reader/7.0.63
version/adobe acrobat reader/7.0.69.0
version/adobe acrobat reader/7.0.70.0
version/adobe acrobat reader/7.1
version/adobe acrobat reader/7.1.1
version/adobe acrobat reader/7.2
version/adobe acrobat reader/8
version/adobe acrobat reader/8.0
version/adobe acrobat reader/8.0.24.0
version/adobe acrobat reader/8.0.34.0
version/adobe acrobat reader/8.0.35.0
version/adobe acrobat reader/8.0.39.0
version/adobe acrobat reader/9.0
version/adobe acrobat reader/9.0.16
version/adobe acrobat reader/9.0.18d60
version/adobe acrobat reader/9.0.20
version/adobe acrobat reader/9.0.20.0
version/adobe acrobat reader/9.0.28
version/adobe acrobat reader/9.0.28.0
version/adobe acrobat reader/9.0.31
version/adobe acrobat reader/9.0.31.0
version/adobe acrobat reader/9.0.45.0
version/adobe acrobat reader/9.0.47.0
version/adobe acrobat reader/9.0.112.0
version/adobe acrobat reader/9.0.114.0
version/adobe acrobat reader/9.0.115.0
version/adobe acrobat reader/9.0.124.0
version/adobe acrobat reader/9.0.155.0
version/adobe acrobat reader/9.0.159.0
version/adobe acrobat reader/9.125.0
version/adobe acrobat reader/10.0.0.584
version/adobe acrobat reader/10.0.12.10
version/adobe acrobat reader/10.0.12.36
version/adobe acrobat reader/10.0.22.87

CVE-2009-3796: Code Injection

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Frequently Asked Questions

What is the severity of CVE-2009-3796?

How do I fix CVE-2009-3796?

What type of vulnerability is CVE-2009-3796?

Which software versions are affected by CVE-2009-3796?

How can attackers exploit CVE-2009-3796?

Company

Resources

Contact