[email protected]CVE-2010-3637

HistoryNov 07, 2010 - 10:00 p.m.

CVE-2010-3637

2010-11-0722:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-3637

adobe flash player

activex control

code execution

memory corruption

flv video

nvd

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.14 Low

EPSS

Percentile

95.6%

JSON

An unspecified ActiveX control in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 (Flash10h.ocx) on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FLV video.

CPENameOperatorVersion
adobe:flash_playeradobe flash playerlt9.0.289.0
adobe:flash_playeradobe flash playerlt10.1.102.64

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	lt	9.0.289.0
adobe:flash_player	adobe flash player	lt	10.1.102.64

References

blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1

lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html

marc.info/?l=bugtraq&m=130331642631603&w=2

secunia.com/advisories/42926

www.adobe.com/support/security/bulletins/apsb10-26.html

www.securityfocus.com/archive/1/514652/100/0/threaded

www.securityfocus.com/bid/44690

www.vupen.com/english/advisories/2010/2903

www.vupen.com/english/advisories/2011/0173

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12259

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.14 Low

EPSS

Percentile

95.6%

JSON

Related for CVE-2010-3637

prion1 ubuntucve1 securityvulns5 openvas8 nessus11 freebsd1 suse1