CVE-2009-3792

Published Dec 21, 2009

Last updated a month ago

CVSS info 10.0

Overview

Description: Directory traversal vulnerability in Adobe Flash Media Server (FMS) before 3.5.3 allows attackers to load arbitrary DLL files via unspecified vectors.
Source: psirt@adobe.com
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-22

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:adobe:flash_media_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "152EFBB2-7E21-4D65-A332-B321A954CB46",
            "versionEndIncluding": "3.5.2"
          },
          {
            "criteria": "cpe:2.3:a:adobe:flash_media_server:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27046DD1-3C16-486F-B685-26DBAA024578"
          },
          {
            "criteria": "cpe:2.3:a:adobe:flash_media_server:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73544702-D995-43BA-92CB-01ED3642D22E"
          },
          {
            "criteria": "cpe:2.3:a:adobe:flash_media_server:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C5602CE-0860-46EC-9D31-13A83A81476A"
          },
          {
            "criteria": "cpe:2.3:a:adobe:flash_media_server:2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE2057CB-905A-4E81-A9EB-898105B2DF0A"
          },
          {
            "criteria": "cpe:2.3:a:adobe:flash_media_server:2.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "95E05CA6-B186-4213-A46F-C4E0458B2CA2"
          },
          {
            "criteria": "cpe:2.3:a:adobe:flash_media_server:2.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F9D585C-DBD6-4E13-A8FF-E043EC162D9D"
          },
          {
            "criteria": "cpe:2.3:a:adobe:flash_media_server:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE4A07B6-E5DA-4781-ABB3-DB2663E2A737"
          },
          {
            "criteria": "cpe:2.3:a:adobe:flash_media_server:3.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84681400-0CBD-41D1-94D0-B9045958793D"
          },
          {
            "criteria": "cpe:2.3:a:adobe:flash_media_server:3.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29A5E8DC-E664-4FAF-9ED9-7191433F01E5"
          },
          {
            "criteria": "cpe:2.3:a:adobe:flash_media_server:3.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7718612E-7563-4E7B-B8F1-0DA6DAA74E97"
          },
          {
            "criteria": "cpe:2.3:a:adobe:flash_media_server:3.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CCFF63A0-DCF8-484A-A8B0-010ECED76CED"
          },
          {
            "criteria": "cpe:2.3:a:adobe:flash_media_server:3.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8334A448-0DFF-4571-81BC-81ADEDBD9D7C"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References