Lucene search

[email protected]CVE-2010-2879

HistoryAug 26, 2010 - 9:00 p.m.

CVE-2010-2879

2010-08-2621:00:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2010-2879

adobe shockwave player

integer overflow

denial of service

heap memory corruption

arbitrary code

nvd

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.083 Low

EPSS

Percentile

94.4%

JSON

Multiple integer overflows in the allocator in the TextXtra.x32 module in Adobe Shockwave Player before 11.5.8.612 allow remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted (1) element count or (2) element size value in a file.

CPENameOperatorVersion
adobe:shockwave_playeradobe shockwave playereq8.5.324
adobe:shockwave_playeradobe shockwave playerle11.5.7.609
adobe:shockwave_playeradobe shockwave playereq5.0
adobe:shockwave_playeradobe shockwave playereq4.0
adobe:shockwave_playeradobe shockwave playereq8.5.1
adobe:shockwave_playeradobe shockwave playereq10.1.4.020
adobe:shockwave_playeradobe shockwave playereq11.5.1.601
adobe:shockwave_playeradobe shockwave playereq11.0.0.456
adobe:shockwave_playeradobe shockwave playereq6.0
adobe:shockwave_playeradobe shockwave playereq8.0.204

CPE	Name	Operator	Version
adobe:shockwave_player	adobe shockwave player	eq	8.5.324
adobe:shockwave_player	adobe shockwave player	le	11.5.7.609
adobe:shockwave_player	adobe shockwave player	eq	5.0
adobe:shockwave_player	adobe shockwave player	eq	4.0
adobe:shockwave_player	adobe shockwave player	eq	8.5.1
adobe:shockwave_player	adobe shockwave player	eq	10.1.4.020
adobe:shockwave_player	adobe shockwave player	eq	11.5.1.601
adobe:shockwave_player	adobe shockwave player	eq	11.0.0.456
adobe:shockwave_player	adobe shockwave player	eq	6.0
adobe:shockwave_player	adobe shockwave player	eq	8.0.204

Rows per page:

1-10 of 401

References

dvlabs.tippingpoint.com/advisory/TPTI-10-12

www.adobe.com/support/security/bulletins/apsb10-20.html

www.securityfocus.com/archive/1/513300/100/0/threaded

www.securitytracker.com/id?1024361

www.vupen.com/english/advisories/2010/2176

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11998

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.083 Low

EPSS

Percentile

94.4%

JSON

Related for CVE-2010-2879

securityvulns3 prion1 nessus2 openvas2