UBUNTU-CVE-2020-9633

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2020-9633

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-9633.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2020-9633

Upstream

CVE-2020-9633

Published

2020-06-12T14:15:00Z

Modified

2025-07-16T08:15:23.435832Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

References

Affected packages

Ubuntu:16.04:LTS / flashplugin-nonfree

Package

Name: flashplugin-nonfree
Purl: pkg:deb/ubuntu/flashplugin-nonfree@32.0.0.387ubuntu0.16.04.1?arch=source&distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

32.0.0.387ubuntu0.16.04.1

Affected versions

11.*

11.2.202.540ubuntu2

11.2.202.548ubuntu1

11.2.202.554ubuntu1

11.2.202.559ubuntu1

11.2.202.569ubuntu1

11.2.202.577ubuntu1

11.2.202.616ubuntu1

11.2.202.621ubuntu0.16.04.1

11.2.202.626ubuntu0.16.04.1

11.2.202.632ubuntu0.16.04.1

11.2.202.635ubuntu0.16.04.1

11.2.202.637ubuntu0.16.04.1

11.2.202.643ubuntu0.16.04.1

11.2.202.644ubuntu0.16.04.1

24.*

24.0.0.186ubuntu0.16.04.1

24.0.0.194ubuntu0.16.04.1

24.0.0.221ubuntu0.16.04.1

25.*

25.0.0.127ubuntu0.16.04.1

25.0.0.148ubuntu0.16.04.1

25.0.0.171ubuntu0.16.04.1

26.*

26.0.0.126ubuntu0.16.04.1

26.0.0.131ubuntu0.16.04.1

26.0.0.137ubuntu0.16.04.1

26.0.0.151ubuntu0.16.04.1

27.*

27.0.0.130ubuntu0.16.04.1

27.0.0.159ubuntu0.16.04.1

27.0.0.170ubuntu0.16.04.1

27.0.0.183ubuntu0.16.04.1

27.0.0.187ubuntu0.16.04.1

28.*

28.0.0.126ubuntu0.16.04.1

28.0.0.137ubuntu0.16.04.1

28.0.0.161ubuntu0.16.04.1

29.*

29.0.0.113ubuntu0.16.04.1

29.0.0.140ubuntu0.16.04.1

29.0.0.171ubuntu0.16.04.1

30.*

30.0.0.113ubuntu0.16.04.1

30.0.0.134ubuntu0.16.04.1

30.0.0.154ubuntu0.16.04.1

31.*

31.0.0.108ubuntu0.16.04.1

31.0.0.122ubuntu0.16.04.1

31.0.0.148ubuntu0.16.04.1

31.0.0.153ubuntu0.16.04.1

32.*

32.0.0.101ubuntu0.16.04.1

32.0.0.114ubuntu0.16.04.1

32.0.0.142ubuntu0.16.04.1

32.0.0.156ubuntu0.16.04.1

32.0.0.171ubuntu0.16.04.1

32.0.0.192ubuntu0.16.04.1

32.0.0.207ubuntu0.16.04.1

32.0.0.223ubuntu0.16.04.1

32.0.0.238ubuntu0.16.04.1

32.0.0.255ubuntu0.16.04.1

32.0.0.270ubuntu0.16.04.1

32.0.0.293ubuntu0.16.04.1

32.0.0.303ubuntu0.16.04.2

32.0.0.314ubuntu0.16.04.1

32.0.0.330ubuntu0.16.04.1

32.0.0.344ubuntu0.16.04.1

32.0.0.363ubuntu0.16.04.1

32.0.0.371ubuntu0.16.04.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "32.0.0.387ubuntu0.16.04.1",
            "binary_name": "flashplugin-downloader"
        },
        {
            "binary_version": "32.0.0.387ubuntu0.16.04.1",
            "binary_name": "flashplugin-installer"
        }
    ],
    "availability": "No subscription required"
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-9633.json"

Ubuntu:18.04:LTS / flashplugin-nonfree

Package

Name: flashplugin-nonfree
Purl: pkg:deb/ubuntu/flashplugin-nonfree@32.0.0.387ubuntu0.18.04.1?arch=source&distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

32.0.0.387ubuntu0.18.04.1

Affected versions

27.*

27.0.0.170ubuntu1

27.0.0.187ubuntu1

28.*

28.0.0.126ubuntu1

28.0.0.137ubuntu1

28.0.0.161ubuntu1

28.0.0.161ubuntu2

28.0.0.161ubuntu3

29.*

29.0.0.113ubuntu1

29.0.0.140ubuntu1

29.0.0.171ubuntu1

30.*

30.0.0.113ubuntu0.18.04.1

30.0.0.134ubuntu0.18.04.1

30.0.0.154ubuntu0.18.04.1

31.*

31.0.0.108ubuntu0.18.04.1

31.0.0.122ubuntu0.18.04.1

31.0.0.148ubuntu0.18.04.1

31.0.0.153ubuntu0.18.04.1

32.*

32.0.0.101ubuntu0.18.04.1

32.0.0.114ubuntu0.18.04.1

32.0.0.142ubuntu0.18.04.1

32.0.0.156ubuntu0.18.04.1

32.0.0.171ubuntu0.18.04.1

32.0.0.192ubuntu0.18.04.1

32.0.0.207ubuntu0.18.04.1

32.0.0.223ubuntu0.18.04.1

32.0.0.238ubuntu0.18.04.1

32.0.0.255ubuntu0.18.04.1

32.0.0.270ubuntu0.18.04.1

32.0.0.293ubuntu0.18.04.1

32.0.0.303ubuntu0.18.04.2

32.0.0.314ubuntu0.18.04.1

32.0.0.330ubuntu0.18.04.1

32.0.0.344ubuntu0.18.04.1

32.0.0.363ubuntu0.18.04.1

32.0.0.371ubuntu0.18.04.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "32.0.0.387ubuntu0.18.04.1",
            "binary_name": "flashplugin-downloader"
        },
        {
            "binary_version": "32.0.0.387ubuntu0.18.04.1",
            "binary_name": "flashplugin-installer"
        }
    ],
    "availability": "No subscription required"
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-9633.json"

Ubuntu:20.04:LTS / flashplugin-nonfree

Package

Name: flashplugin-nonfree
Purl: pkg:deb/ubuntu/flashplugin-nonfree@32.0.0.387ubuntu0.20.04.1?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

32.0.0.387ubuntu0.20.04.1

Affected versions

32.*

32.0.0.255ubuntu1

32.0.0.293ubuntu1

32.0.0.303ubuntu1

32.0.0.303ubuntu2

32.0.0.314ubuntu1

32.0.0.330ubuntu1

32.0.0.344ubuntu1

32.0.0.344ubuntu2

32.0.0.363ubuntu1

32.0.0.371ubuntu0.20.04.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "32.0.0.387ubuntu0.20.04.1",
            "binary_name": "flashplugin-installer"
        }
    ],
    "availability": "No subscription required"
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-9633.json"