Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009.
Conclusion & alert: CVE-2009-1862 is rated Critical Active Threat (91.1/100): CVSS High severity, with high exploitation likelihood (EPSS 58.57%, 98th percentile). Core evidence: CISA KEV confirms active exploitation (added 2022-06-08) affecting Adobe / Acrobat and Reader, Flash Player. a weakness (CWE-787) Unauthenticated remote administrative access may be possible. Mandatory action: The CISA remediation deadline has passed—treat as an emergency patch priority.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
: Adobe Acrobat and Reader, Flash Player Unspecified Vulnerability · CISA KEV detail
: 2022-06-08
: 2022-06-22
: For Adobe Acrobat and Reader, apply updates per vendor instructions. For Adobe Flash Player, the impacted product is end-of-life and should be disconnected if still in use.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2025-12-12 | 57.99% | 58.57% | +0.57% |
| 2 | 2025-06-11 | 62.78% | 57.99% | -4.78% |
| 3 | 2025-06-10 | — | 62.78% | — |
Full EPSS history (18 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 7.8 | 3.1 | HIGH |
|
1.8 | 5.9 | [email protected] |
| 7.8 | 3.1 | HIGH |
|
1.8 | 5.9 | 134c704f-9b21-4f2e-91b3-4a467353bcc0 |
| 9.3 | 2.0 | HIGH |
|
8.6 | 10.0 | [email protected] |
| vendor | priority | summary | link |
|---|---|---|---|
gentoo
|
normal | CVE-2009-1862: 1 GLSA(s) (200908-04), 2 atom(s) (app-text/acroread, www-plugins/adobe-flash); latest impact normal. | https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2009-1862 |
redhat
|
critical | — | https://access.redhat.com/security/cve/CVE-2009-1862 |
ubuntu
|
medium | CVE-2009-1862 medium priority: Ubuntu including 2 source packages (adobe-flashplugin, flashplugin-nonfree), 12 status rows across 6 suites (dapper, hardy, intrepid, jaunty, karmic, upstream): released 10, DNE 1, ignored 1. | https://ubuntu.com/security/CVE-2009-1862 |
: Per: http://www.kb.cert.org/vuls/id/259425 "Adobe Flash is a widely deployed multimedia platform typically used to provide content in web sites. Adobe Flash Player, Reader, Acrobat, and other Adobe products include Flash support. Adobe Flash Player contains a code execution vulnerability. An attacker may be able to trigger this vulnerability by convincing a user to open a specially crafted Flash (SWF) file. The SWF file could be hosted or embedded in a web page or contained in a Portable Document Format (PDF) file. If an attacker can take control of a website or web server, trusted sites may exploit this vulnerability. This vulnerability affects Adobe Flash versions 9.0.159.0 and 10.0.22.87 and earlier 9.x and 10.x versions. Adobe Reader 9, Acrobat 9, and other Adobe products (including Photoshop CS3, PhotoShop Lightroom, Freehand MX, Fireworks) provide Flash support independent of Flash Player. As of 2009-07-22, Adobe Reader 9.1.2 includes Flash 9.0.155.0, which is likely vulnerable to issues addressed by Flash 9.0.159.0"
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| adobe | acrobat | >= 9.0, <= 9.1.2 | cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:* |
| adobe | acrobat_reader | >= 9.0, <= 9.1.2 | cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:* |
| adobe | flash_player | >= 9.0, <= 9.0.159.0 | cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:* |
| adobe | flash_player | >= 10.0, <= 10.0.22.87 | cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:* |