VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 10, 2009· Updated Apr 23, 2026

CVE-2009-3794

CVE-2009-3794

Description

Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Heap-based buffer overflow in Adobe Flash Player and AIR via crafted JPEG dimensions in SWF allows remote code execution.

Vulnerability

A heap-based buffer overflow exists in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 when parsing JPEG data embedded in an SWF file. The vulnerability is triggered by specially crafted dimensions of the JPEG image, leading to memory corruption. No special configuration is required beyond having an affected version of Flash Player or AIR installed.

Exploitation

An attacker can exploit this flaw by delivering a malicious SWF file containing crafted JPEG dimensions to a victim. The SWF file may be hosted on a website, sent as an email attachment, or delivered via other means. The victim must open the SWF file in a browser or application that uses the vulnerable Flash Player or AIR runtime. No authentication or additional privileges are needed; the attack is remote and requires user interaction.

Impact

Successful exploitation allows an attacker to execute arbitrary code on the victim's system with the privileges of the user running the Flash Player or AIR application. This can lead to full compromise of the affected system, including data theft, installation of malware, or further network propagation.

Mitigation

Adobe released Flash Player 10.0.42.34 and AIR 1.5.3 to address this vulnerability. Apple included the fix in Security Update 2010-001 [1]. Red Hat issued RHSA-2009-1658 and RHSA-2009-1657 for affected Linux distributions [2][3]. The Red Hat Bugzilla entry tracks the issue as part of APSB09-19 [4]. Users should update to the latest versions immediately. No workarounds are documented.

References
  1. About Security Update 2010-001 - Apple Support
  2. Support
  3. Support
  4. 543857 – (APSB09-19, CVE-2009-3794, CVE-2009-3796, CVE-2009-3797, CVE-2009-3798, CVE-2009-3799, CVE-2009-3800) flash-plugin: multiple code execution flaws (APSB09-19) (CVE-2009-3794, CVE-2009-3796, CVE-2009-3797, CVE-2009-3798, CVE-2009-3799, CVE-2009-3800)

AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

48
  • Adobe Inc./Air6 versions
    cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*range: <=1.5.2
    • cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:adobe_air:1.5.1:*:*:*:*:*:*:*
    • (no CPE)range: <1.5.3
  • Adobe Inc./Flashplayer41 versions
    cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*+ 40 more
    • cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*range: <=10.0.32.18
    • cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:8.0:*:basic:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:8.0:*:pro:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:8:*:pro:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:8:*:professional:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:9.0.155.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*
    • cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*
  • Adobe Inc./Flash Playerllm-fuzzy
    Range: <10.0.42.34

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

24

News mentions

0

No linked articles in our index yet.