Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2010-3636
HistoryNov 07, 2010 - 10:00 p.m.

CVE-2010-3636

2010-11-0722:00:01
CWE-264
[email protected]
web.nvd.nist.gov
49
adobe flash player
cross-domain policy
remote code execution
cve-2010-3636
security vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.2 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.5%

JSON

Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, does not properly handle unspecified encodings during the parsing of a cross-domain policy file, which allows remote web servers to bypass intended access restrictions via unknown vectors.

Affected configurations

NVD
Node
adobeflash_playerRange9.09.0.289.0
OR
adobeflash_playerRange10.010.1.102.64
AND
applemac_os_xMatch-
OR
linuxlinux_kernelMatch-
OR
microsoftwindowsMatch-
OR
sunsolarisMatch-
Node
adobeflash_playerRange10.1.95.1
AND
googleandroidMatch-

References

Related

ubuntucve 1
cvelist 1
nvd 1
jvn 1
prion 1
nessus 17
redhat 3
openvas 12
securityvulns 5
freebsd 1
suse 1
gentoo 1
ubuntucve
ubuntucve
CVE-2010-3636
2010-11-07 00:00:00
cvelist
cvelist
CVE-2010-3636
2010-11-07 21:00:00
nvd
nvd
CVE-2010-3636
2010-11-07 22:00:01
jvn
jvn
JVN#48425028: Flash Player access restriction bypass vulnerability
2010-11-09 00:00:00
prion
prion
Cross site scripting
2010-11-07 22:00:00
nessus
nessus
RHEL 5 : flash-plugin (RHSA-2010:0829)
2013-01-24 00:00:00
RHEL 6 : flash-plugin (RHSA-2010:0867)
2010-11-18 00:00:00
Adobe Acrobat 9.x < 9.4.1 Multiple Vulnerabilities (APSB10-28)
2010-11-16 00:00:00
redhat
redhat
(RHSA-2010:0834) Critical: flash-plugin security update
2010-11-08 00:00:00
(RHSA-2010:0829) Critical: flash-plugin security update
2010-11-05 00:00:00
(RHSA-2010:0867) Critical: flash-plugin security update
2010-11-10 00:00:00
openvas
openvas
Adobe Flash Player Multiple Vulnerabilities (Linux)
2010-11-12 00:00:00
Adobe Flash Player Multiple Vulnerabilities (Windows)
2010-11-12 00:00:00
Adobe Flash Player Multiple Vulnerabilities - Windows
2010-11-12 00:00:00
securityvulns
securityvulns
Adobe Flash Player multiple security vulnerabilities
2010-11-08 00:00:00
Security update available for Adobe Flash Player
2010-11-08 00:00:00
[security bulletin] HPSBMA02663 SSRT100428 rev.1 - HP Systems Insight Manager &#40;SIM&#41; for HP-UX, Linux, and Windows, Remote Cross Site Scripting &#40;XSS&#41;, Cross Site Request Forgery &#40;CSRF&#41;, Execution of Arbitrary Code, Denial of Se
2011-04-21 00:00:00
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2010-09-28 00:00:00
suse
suse
remote code execution in flash-player
2010-11-05 13:12:10
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2011-01-21 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.2 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.5%

JSON
Related for CVE-2010-3636
ubuntucve1cvelist1nvd1jvn1prion1nessus17redhat3openvas12securityvulns5freebsd1suse1gentoo1