Lucene search

[email protected]NVD:CVE-2010-2188

HistoryJun 15, 2010 - 6:00 p.m.

CVE-2010-2188

2010-06-1518:00:02

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.012

Percentile

85.5%

JSON

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by calling the ActionScript native object 2200 connect method multiple times with different arguments, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2187.

Affected configurations

Nvd

Node

adobeflash_playerMatch9.0.16

adobeflash_playerMatch9.0.20

adobeflash_playerMatch9.0.20.0

adobeflash_playerMatch9.0.28

adobeflash_playerMatch9.0.28.0

adobeflash_playerMatch9.0.31

adobeflash_playerMatch9.0.31.0

adobeflash_playerMatch9.0.45.0

adobeflash_playerMatch9.0.47.0

adobeflash_playerMatch9.0.48.0

adobeflash_playerMatch9.0.115.0

adobeflash_playerMatch9.0.124.0

adobeflash_playerMatch9.0.125.0

adobeflash_playerMatch9.0.151.0

adobeflash_playerMatch9.0.152.0

adobeflash_playerMatch9.0.159.0

adobeflash_playerMatch9.0.246.0

adobeflash_playerMatch9.0.260.0

adobeflash_playerMatch9.0.262.0

Node

adobeflash_playerRange≤10.0.45.2

adobeflash_playerMatch10.0.0.584

adobeflash_playerMatch10.0.12.10

adobeflash_playerMatch10.0.12.36

adobeflash_playerMatch10.0.15.3

adobeflash_playerMatch10.0.22.87

adobeflash_playerMatch10.0.32.18

adobeflash_playerMatch10.0.42.34

Node

adobeflash_playerMatch6.0.79

adobeflash_playerMatch7.0

adobeflash_playerMatch7.0.1

adobeflash_playerMatch7.0.14.0

adobeflash_playerMatch7.0.19.0

adobeflash_playerMatch7.0.24.0

adobeflash_playerMatch7.0.25

adobeflash_playerMatch7.0.53.0

adobeflash_playerMatch7.0.60.0

adobeflash_playerMatch7.0.61.0

adobeflash_playerMatch7.0.63

adobeflash_playerMatch7.0.66.0

adobeflash_playerMatch7.0.67.0

adobeflash_playerMatch7.0.68.0

adobeflash_playerMatch7.0.69.0

adobeflash_playerMatch7.0.70.0

adobeflash_playerMatch7.0.73.0

adobeflash_playerMatch7.1

adobeflash_playerMatch7.1.1

adobeflash_playerMatch7.2

adobeflash_playerMatch8.0

adobeflash_playerMatch8.0.22.0

adobeflash_playerMatch8.0.24.0

adobeflash_playerMatch8.0.33.0

adobeflash_playerMatch8.0.34.0

adobeflash_playerMatch8.0.35.0

adobeflash_playerMatch8.0.39.0

adobeflash_playerMatch8.0.42.0

macromediaflash_playerMatch5.0

macromediaflash_playerMatch5.0.30.0

macromediaflash_playerMatch5.0.41.0

macromediaflash_playerMatch5.0.42.0

macromediaflash_playerMatch5.0.58.0

Node

adobeairRange≤1.5.3.9130

adobeairMatch1.0

adobeairMatch1.1

adobeairMatch1.5

adobeairMatch1.5.1

adobeairMatch1.5.2

adobeairMatch1.5.3

References

itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751

lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html

lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

secunia.com/advisories/40144

secunia.com/advisories/40545

secunia.com/advisories/43026

security.gentoo.org/glsa/glsa-201101-09.xml

securitytracker.com/id?1024085

securitytracker.com/id?1024086

support.apple.com/kb/HT4435

www.adobe.com/support/security/bulletins/apsb10-14.html

www.adobe.com/support/security/bulletins/apsb10-16.html

www.redhat.com/support/errata/RHSA-2010-0464.html

www.redhat.com/support/errata/RHSA-2010-0470.html

www.securityfocus.com/archive/1/511924/100/0/threaded

www.securityfocus.com/bid/40759

www.securityfocus.com/bid/40798

www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt

www.us-cert.gov/cas/techalerts/TA10-162A.html

www.vupen.com/english/advisories/2010/1421

www.vupen.com/english/advisories/2010/1432

www.vupen.com/english/advisories/2010/1434

www.vupen.com/english/advisories/2010/1453

www.vupen.com/english/advisories/2010/1482

www.vupen.com/english/advisories/2010/1522

www.vupen.com/english/advisories/2010/1793

www.vupen.com/english/advisories/2011/0192

www.zerodayinitiative.com/advisories/ZDI-10-111

exchange.xforce.ibmcloud.com/vulnerabilities/59337

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16271

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6946

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.012

Percentile

85.5%

JSON

Related for NVD:CVE-2010-2188

ubuntucve13 prion13 cvelist13 nvd12 cve13 openvas18 nessus31 redhat2 suse3 securityvulns11 freebsd2 zdi5 seebug3 gentoo1