CVE-2009-1867

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a clickjacking vulnerability.

Weakness

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Affected Software

Name	Vendor	Start Version	End Version
Air	Adobe	*	1.5.1 (including)
Air	Adobe	1.0 (including)	1.0 (including)
Air	Adobe	1.01 (including)	1.01 (including)
Air	Adobe	1.1 (including)	1.1 (including)
Air	Adobe	1.5 (including)	1.5 (including)
Flash_player	Adobe	*	10.0.22.87 (including)
Flash_player	Adobe	7.0 (including)	7.0 (including)
Flash_player	Adobe	7.0.1 (including)	7.0.1 (including)
Flash_player	Adobe	7.0.25 (including)	7.0.25 (including)
Flash_player	Adobe	7.0.63 (including)	7.0.63 (including)
Flash_player	Adobe	7.0.69.0 (including)	7.0.69.0 (including)
Flash_player	Adobe	7.0.70.0 (including)	7.0.70.0 (including)
Flash_player	Adobe	7.1 (including)	7.1 (including)
Flash_player	Adobe	7.1.1 (including)	7.1.1 (including)
Flash_player	Adobe	7.2 (including)	7.2 (including)
Flash_player	Adobe	8.0 (including)	8.0 (including)
Flash_player	Adobe	8.0.24.0 (including)	8.0.24.0 (including)
Flash_player	Adobe	8.0.34.0 (including)	8.0.34.0 (including)
Flash_player	Adobe	8.0.35.0 (including)	8.0.35.0 (including)
Flash_player	Adobe	8.0.39.0 (including)	8.0.39.0 (including)
Flash_player	Adobe	9.0.16 (including)	9.0.16 (including)
Flash_player	Adobe	9.0.20 (including)	9.0.20 (including)
Flash_player	Adobe	9.0.20.0 (including)	9.0.20.0 (including)
Flash_player	Adobe	9.0.28 (including)	9.0.28 (including)
Flash_player	Adobe	9.0.28.0 (including)	9.0.28.0 (including)
Flash_player	Adobe	9.0.31.0 (including)	9.0.31.0 (including)
Flash_player	Adobe	9.0.45.0 (including)	9.0.45.0 (including)
Flash_player	Adobe	9.0.47.0 (including)	9.0.47.0 (including)
Flash_player	Adobe	9.0.48.0 (including)	9.0.48.0 (including)
Flash_player	Adobe	9.0.112.0 (including)	9.0.112.0 (including)
Flash_player	Adobe	9.0.114.0 (including)	9.0.114.0 (including)
Flash_player	Adobe	9.0.115.0 (including)	9.0.115.0 (including)
Flash_player	Adobe	9.0.124.0 (including)	9.0.124.0 (including)
Flash_player	Adobe	10.0.0.584 (including)	10.0.0.584 (including)
Flash_player	Adobe	10.0.12.10 (including)	10.0.12.10 (including)
Flash_player	Adobe	10.0.12.36 (including)	10.0.12.36 (including)
Flex	Adobe	3.0 (including)	3.0 (including)
Extras for RHEL 3	RedHat	flash-plugin-0:9.0.246.0-2.el3.with.oss	*
Extras for RHEL 4	RedHat	flash-plugin-0:9.0.246.0-2.el4	*
Supplementary for Red Hat Enterprise Linux 5	RedHat	flash-plugin-0:10.0.32.18-2.el5	*
Adobe-flashplugin	Ubuntu	hardy	*
Adobe-flashplugin	Ubuntu	intrepid	*
Adobe-flashplugin	Ubuntu	jaunty	*
Adobe-flashplugin	Ubuntu	karmic	*
Adobe-flashplugin	Ubuntu	upstream	*
Flashplugin-nonfree	Ubuntu	dapper	*
Flashplugin-nonfree	Ubuntu	devel	*
Flashplugin-nonfree	Ubuntu	hardy	*
Flashplugin-nonfree	Ubuntu	intrepid	*
Flashplugin-nonfree	Ubuntu	jaunty	*
Flashplugin-nonfree	Ubuntu	karmic	*
Flashplugin-nonfree	Ubuntu	upstream	*

Potential Mitigations

Follow the principle of least privilege when assigning access rights to entities in a software system.
Denying access to a file can prevent an attacker from replacing that file with a link to a sensitive file. Ensure good compartmentalization in the system to provide protected areas that can be trusted.

NVD	https://nvd.nist.gov/vuln/detail/CVE-2009-1867
CWE	https://cwe.mitre.org/data/definitions/59.html

Improper Link Resolution Before File Access ('Link Following')

Weakness

Affected Software

Potential Mitigations

References

CVE-2009-1867

Improper Link Resolution Before File Access ('Link Following')

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References