CVE-2010-2162

2010-06-1518:00:00

CWE-119

[email protected]

web.nvd.nist.gov

adobe flash player

adobe air

cve-2010-2162

denial of service

heap memory corruption

arbitrary code

vulnerability

nvd

9.5 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.013 Low

EPSS

Percentile

85.9%

JSON

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors related to improper length calculation and the (1) STSC, (2) STSZ, and (3) STCO atoms.

CPENameOperatorVersion
adobe:flash_playeradobe flash playereq9.0.125.0
adobe:flash_playeradobe flash playereq9.0.48.0
adobe:flash_playeradobe flash playereq9.0.262.0
adobe:flash_playeradobe flash playereq9.0.124.0
adobe:flash_playeradobe flash playereq9.0.47.0
adobe:flash_playeradobe flash playereq9.0.20.0
adobe:flash_playeradobe flash playereq9.0.31.0
adobe:flash_playeradobe flash playereq9.0.260.0
adobe:flash_playeradobe flash playereq9.0.159.0
adobe:flash_playeradobe flash playereq9.0.16

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	eq	9.0.125.0
adobe:flash_player	adobe flash player	eq	9.0.48.0
adobe:flash_player	adobe flash player	eq	9.0.262.0
adobe:flash_player	adobe flash player	eq	9.0.124.0
adobe:flash_player	adobe flash player	eq	9.0.47.0
adobe:flash_player	adobe flash player	eq	9.0.20.0
adobe:flash_player	adobe flash player	eq	9.0.31.0
adobe:flash_player	adobe flash player	eq	9.0.260.0
adobe:flash_player	adobe flash player	eq	9.0.159.0
adobe:flash_player	adobe flash player	eq	9.0.16