CVE-2010-2173

2010-06-1518:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-2173

adobe flash player

adobe air

arbitrary code execution

invalid pointer vulnerability

newclass operator

security vulnerability

9.5 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.014 Low

EPSS

Percentile

86.2%

JSON

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an “invalid pointer vulnerability” and the newclass (0x58) operator, a different vulnerability than CVE-2010-2174.

CPENameOperatorVersion
adobe:flash_playeradobe flash playereq9.0.125.0
adobe:flash_playeradobe flash playereq9.0.48.0
adobe:flash_playeradobe flash playereq9.0.262.0
adobe:flash_playeradobe flash playereq9.0.124.0
adobe:flash_playeradobe flash playereq9.0.47.0
adobe:flash_playeradobe flash playereq9.0.20.0
adobe:flash_playeradobe flash playereq9.0.31.0
adobe:flash_playeradobe flash playereq9.0.260.0
adobe:flash_playeradobe flash playereq9.0.159.0
adobe:flash_playeradobe flash playereq9.0.16

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	eq	9.0.125.0
adobe:flash_player	adobe flash player	eq	9.0.48.0
adobe:flash_player	adobe flash player	eq	9.0.262.0
adobe:flash_player	adobe flash player	eq	9.0.124.0
adobe:flash_player	adobe flash player	eq	9.0.47.0
adobe:flash_player	adobe flash player	eq	9.0.20.0
adobe:flash_player	adobe flash player	eq	9.0.31.0
adobe:flash_player	adobe flash player	eq	9.0.260.0
adobe:flash_player	adobe flash player	eq	9.0.159.0
adobe:flash_player	adobe flash player	eq	9.0.16