CVE-2020-9633

CVE Database · CVE-2020-9633

CVE-2020-9633

· CRITICALModified

CVSS v3.1

9.8

EPSS

7.56%

Published

Jun 12, 2020

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-416

Affected Products (13)

adobe · flash_player_desktop_runtimevulnerable

apple · macos

linux · linux_kernel

microsoft · windows

adobe · flash_playervulnerable

apple · macos

google · chrome_os