CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
99.9%
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
Vendor | Product | Version | CPE |
---|---|---|---|
adobe | flash_player | * | cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:* |
adobe | flash_player | 6.0.21.0 | cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:* |
adobe | flash_player | 6.0.79 | cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:* |
adobe | flash_player | 7.0 | cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:* |
adobe | flash_player | 7.0.1 | cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:* |
adobe | flash_player | 7.0.25 | cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:* |
adobe | flash_player | 7.0.63 | cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:* |
adobe | flash_player | 7.0.69.0 | cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:* |
adobe | flash_player | 7.0.70.0 | cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:* |
adobe | flash_player | 7.1 | cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:* |
blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1
contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html
lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html
lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html
secunia.com/advisories/41917
secunia.com/advisories/42030
secunia.com/advisories/42183
secunia.com/advisories/42401
secunia.com/advisories/42926
secunia.com/advisories/43025
secunia.com/advisories/43026
security.gentoo.org/glsa/glsa-201101-08.xml
security.gentoo.org/glsa/glsa-201101-09.xml
securityreason.com/securityalert/8210
support.apple.com/kb/HT4435
www.adobe.com/support/security/advisories/apsa10-05.html
www.adobe.com/support/security/bulletins/apsb10-26.html
www.adobe.com/support/security/bulletins/apsb10-28.html
www.kb.cert.org/vuls/id/298081
www.redhat.com/support/errata/RHSA-2010-0829.html
www.redhat.com/support/errata/RHSA-2010-0834.html
www.redhat.com/support/errata/RHSA-2010-0867.html
www.redhat.com/support/errata/RHSA-2010-0934.html
www.securityfocus.com/bid/44504
www.securitytracker.com/id?1024659
www.securitytracker.com/id?1024660
www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt
www.vupen.com/english/advisories/2010/2903
www.vupen.com/english/advisories/2010/2906
www.vupen.com/english/advisories/2010/2918
www.vupen.com/english/advisories/2010/3111
www.vupen.com/english/advisories/2011/0173
www.vupen.com/english/advisories/2011/0191
www.vupen.com/english/advisories/2011/0192
www.vupen.com/english/advisories/2011/0344
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13294