cve-2009-0522
Vulnerability from cvelistv5
Published
2009-02-26 16:00
Modified
2024-08-07 04:40
Severity ?
Summary
Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Windows allows remote attackers to trick a user into visiting an arbitrary URL via an unspecified manipulation of the "mouse pointer display," related to a "Clickjacking attack."
References
cve@mitre.orghttp://isc.sans.org/diary.html?storyid=5929
cve@mitre.orghttp://secunia.com/advisories/34012Vendor Advisory
cve@mitre.orghttp://securitytracker.com/id?1021752
cve@mitre.orghttp://www.adobe.com/support/security/bulletins/apsb09-01.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/0513Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/48903
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6674
af854a3a-2127-422b-91ae-364da2661108http://isc.sans.org/diary.html?storyid=5929
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34012Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1021752
af854a3a-2127-422b-91ae-364da2661108http://www.adobe.com/support/security/bulletins/apsb09-01.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0513Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/48903
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6674
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:40:03.762Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://isc.sans.org/diary.html?storyid=5929"
          },
          {
            "name": "1021752",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021752"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.adobe.com/support/security/bulletins/apsb09-01.html"
          },
          {
            "name": "ADV-2009-0513",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0513"
          },
          {
            "name": "oval:org.mitre.oval:def:6674",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6674"
          },
          {
            "name": "34012",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/34012"
          },
          {
            "name": "flash-unspecified-click-hijacking(48903)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48903"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-02-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Windows allows remote attackers to trick a user into visiting an arbitrary URL via an unspecified manipulation of the \"mouse pointer display,\" related to a \"Clickjacking attack.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://isc.sans.org/diary.html?storyid=5929"
        },
        {
          "name": "1021752",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021752"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.adobe.com/support/security/bulletins/apsb09-01.html"
        },
        {
          "name": "ADV-2009-0513",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0513"
        },
        {
          "name": "oval:org.mitre.oval:def:6674",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6674"
        },
        {
          "name": "34012",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/34012"
        },
        {
          "name": "flash-unspecified-click-hijacking(48903)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48903"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0522",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Windows allows remote attackers to trick a user into visiting an arbitrary URL via an unspecified manipulation of the \"mouse pointer display,\" related to a \"Clickjacking attack.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://isc.sans.org/diary.html?storyid=5929",
              "refsource": "MISC",
              "url": "http://isc.sans.org/diary.html?storyid=5929"
            },
            {
              "name": "1021752",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021752"
            },
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb09-01.html",
              "refsource": "CONFIRM",
              "url": "http://www.adobe.com/support/security/bulletins/apsb09-01.html"
            },
            {
              "name": "ADV-2009-0513",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0513"
            },
            {
              "name": "oval:org.mitre.oval:def:6674",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6674"
            },
            {
              "name": "34012",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/34012"
            },
            {
              "name": "flash-unspecified-click-hijacking(48903)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48903"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0522",
    "datePublished": "2009-02-26T16:00:00",
    "dateReserved": "2009-02-10T00:00:00",
    "dateUpdated": "2024-08-07T04:40:03.762Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:air:1.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15DDE65E-ED35-42B6-A139-BB6F571B5967\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"10.0.12.36\", \"matchCriteriaId\": \"67971799-2A4E-4FD2-BF8B-5E0B82032E55\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDFF4A51-C936-4C5B-8276-FD454C9E4F40\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D5ECC9D7-3386-4FEA-9218-91E31FF90F3A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0E93289-6EE0-401A-958D-F59D2CDAE2F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0FA3E556-BF8F-4D30-8DE5-09DA3FD8D5C3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:7.0.63:*:linux:*:*:*:*:*\", \"matchCriteriaId\": \"C00E5438-DBD7-4A47-8E5F-0D3946EA3102\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A82D5B56-44E0-4120-B73E-0A1155AF4B05\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E895107-ED8A-4F88-87C3-935EAE299C01\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4007D621-A0BC-4927-82A7-10D73802BCF8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"641776AE-5408-439E-8290-DD9324771874\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"138A932A-D775-46A2-86EC-3C03C96884C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D12E3957-D7B2-4F3B-BB64-8B50B8958DEF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:8.0:*:basic:*:*:*:*:*\", \"matchCriteriaId\": \"F648661E-BA18-41F9-A0A7-F9D5D7E2056B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:8.0:*:pro:*:*:*:*:*\", \"matchCriteriaId\": \"A88BDD68-3EDD-49F4-B656-EB03BF849664\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"32912721-F750-4C20-B999-E728F7D3A85D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A95FA639-346C-491C-81A8-6C2A7B01AA19\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9F1E5AB-DEFA-42FC-A299-C8EEB778F9C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC7DD938-F963-4E03-B66B-F00436E4EA9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F35F86B6-D49A-40F4-BFFA-5D6BBA2F7D8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4D5E27C-F6BF-4F84-9B83-6AEC98B4AA14\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"934A869D-D58D-4C36-B86E-013F62790585\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ACFA6611-99DA-48B0-89F7-DD99B8E30334\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"59AF804B-BD7A-4AD7-AD44-B5D980443B8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0557AA2A-FA3A-460A-8F03-DC74B149CA3D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FC04ABF-6191-4AA5-90B2-E7A97E6C6005\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F22F1B02-CCF5-4770-A79B-1F58CA4321CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"93957171-F1F4-43ED-A8B9-2D36C81EB1F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7AE89894-E492-4380-8A2B-4CDD3A15667A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C6ED706-BAF2-4795-B597-6F7EE8CA8911\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"260E2CF6-4D15-4168-A933-3EC52D8F93FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D50BF190-2629-49A8-A377-4723C93FFB3E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"08E4028B-72E7-4E4A-AD0F-645F5AACAA29\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63313ADA-3C52-47C8-9745-6BF6AEF0F6AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:cs3:*:pro:*:*:*:*:*\", \"matchCriteriaId\": \"A3618623-8C9F-47CA-BBF6-B0DA98CB41FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:cs4:*:pro:*:*:*:*:*\", \"matchCriteriaId\": \"9E1093EF-0A76-4757-9D8D-6808A5D95C86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player_for_linux:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"10.0.15.3\", \"matchCriteriaId\": \"A72D07B5-1311-4653-8E84-7414E11A797C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flex:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"54D250C7-E7DE-491C-9FE3-F9F77C971B24\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Windows allows remote attackers to trick a user into visiting an arbitrary URL via an unspecified manipulation of the \\\"mouse pointer display,\\\" related to a \\\"Clickjacking attack.\\\"\"}, {\"lang\": \"es\", \"value\": \"Adobe Flash Player 9.x antes de la 9.0.159.0 y 10.x antes de la 10.0.22.87 sobre Windows permite a atacantes remotos enga\\u00f1ar a un usuario para que visite una URL arbitraria a trav\\u00e9s de una manipulaci\\u00f3n no especificada de la \\\"pantalla el puntero del rat\\u00f3n\\\", relacionada con un \\\"ataque de Clickjacking \\\".\"}]",
      "evaluatorSolution": "Per: http://www.adobe.com/support/security/bulletins/apsb09-01.html\r\n\r\n\"This update resolves a Windows-only issue with mouse pointer display that could potentially contribute to a Clickjacking attack. (CVE-2009-0522)\"",
      "id": "CVE-2009-0522",
      "lastModified": "2024-11-21T01:00:09.003",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2009-02-26T16:17:19.937",
      "references": "[{\"url\": \"http://isc.sans.org/diary.html?storyid=5929\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/34012\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1021752\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.adobe.com/support/security/bulletins/apsb09-01.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/0513\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/48903\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6674\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://isc.sans.org/diary.html?storyid=5929\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/34012\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1021752\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.adobe.com/support/security/bulletins/apsb09-01.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/0513\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/48903\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6674\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-0522\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-02-26T16:17:19.937\",\"lastModified\":\"2024-11-21T01:00:09.003\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Windows allows remote attackers to trick a user into visiting an arbitrary URL via an unspecified manipulation of the \\\"mouse pointer display,\\\" related to a \\\"Clickjacking attack.\\\"\"},{\"lang\":\"es\",\"value\":\"Adobe Flash Player 9.x antes de la 9.0.159.0 y 10.x antes de la 10.0.22.87 sobre Windows permite a atacantes remotos enga\u00f1ar a un usuario para que visite una URL arbitraria a trav\u00e9s de una manipulaci\u00f3n no especificada de la \\\"pantalla el puntero del rat\u00f3n\\\", relacionada con un \\\"ataque de Clickjacking \\\".\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:air:1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15DDE65E-ED35-42B6-A139-BB6F571B5967\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.0.12.36\",\"matchCriteriaId\":\"67971799-2A4E-4FD2-BF8B-5E0B82032E55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDFF4A51-C936-4C5B-8276-FD454C9E4F40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5ECC9D7-3386-4FEA-9218-91E31FF90F3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0E93289-6EE0-401A-958D-F59D2CDAE2F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FA3E556-BF8F-4D30-8DE5-09DA3FD8D5C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:7.0.63:*:linux:*:*:*:*:*\",\"matchCriteriaId\":\"C00E5438-DBD7-4A47-8E5F-0D3946EA3102\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A82D5B56-44E0-4120-B73E-0A1155AF4B05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E895107-ED8A-4F88-87C3-935EAE299C01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4007D621-A0BC-4927-82A7-10D73802BCF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"641776AE-5408-439E-8290-DD9324771874\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"138A932A-D775-46A2-86EC-3C03C96884C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D12E3957-D7B2-4F3B-BB64-8B50B8958DEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:8.0:*:basic:*:*:*:*:*\",\"matchCriteriaId\":\"F648661E-BA18-41F9-A0A7-F9D5D7E2056B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:8.0:*:pro:*:*:*:*:*\",\"matchCriteriaId\":\"A88BDD68-3EDD-49F4-B656-EB03BF849664\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32912721-F750-4C20-B999-E728F7D3A85D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A95FA639-346C-491C-81A8-6C2A7B01AA19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9F1E5AB-DEFA-42FC-A299-C8EEB778F9C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC7DD938-F963-4E03-B66B-F00436E4EA9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F35F86B6-D49A-40F4-BFFA-5D6BBA2F7D8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4D5E27C-F6BF-4F84-9B83-6AEC98B4AA14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"934A869D-D58D-4C36-B86E-013F62790585\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACFA6611-99DA-48B0-89F7-DD99B8E30334\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59AF804B-BD7A-4AD7-AD44-B5D980443B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0557AA2A-FA3A-460A-8F03-DC74B149CA3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FC04ABF-6191-4AA5-90B2-E7A97E6C6005\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F22F1B02-CCF5-4770-A79B-1F58CA4321CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93957171-F1F4-43ED-A8B9-2D36C81EB1F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AE89894-E492-4380-8A2B-4CDD3A15667A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C6ED706-BAF2-4795-B597-6F7EE8CA8911\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"260E2CF6-4D15-4168-A933-3EC52D8F93FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D50BF190-2629-49A8-A377-4723C93FFB3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08E4028B-72E7-4E4A-AD0F-645F5AACAA29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63313ADA-3C52-47C8-9745-6BF6AEF0F6AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:cs3:*:pro:*:*:*:*:*\",\"matchCriteriaId\":\"A3618623-8C9F-47CA-BBF6-B0DA98CB41FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:cs4:*:pro:*:*:*:*:*\",\"matchCriteriaId\":\"9E1093EF-0A76-4757-9D8D-6808A5D95C86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player_for_linux:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.0.15.3\",\"matchCriteriaId\":\"A72D07B5-1311-4653-8E84-7414E11A797C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flex:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54D250C7-E7DE-491C-9FE3-F9F77C971B24\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}]}],\"references\":[{\"url\":\"http://isc.sans.org/diary.html?storyid=5929\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/34012\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1021752\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb09-01.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/0513\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/48903\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6674\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://isc.sans.org/diary.html?storyid=5929\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/34012\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1021752\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb09-01.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/0513\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/48903\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6674\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorSolution\":\"Per: http://www.adobe.com/support/security/bulletins/apsb09-01.html\\r\\n\\r\\n\\\"This update resolves a Windows-only issue with mouse pointer display that could potentially contribute to a Clickjacking attack. (CVE-2009-0522)\\\"\"}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.