Lucene search

PRIOn knowledge basePRION:CVE-2010-1297

HistoryJun 08, 2010 - 6:30 p.m.

Memory corruption

2010-06-0818:30:00

PRIOn knowledge base

www.prio-n.com

8.2 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.355 Low

EPSS

Percentile

97.0%

JSON

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.

CPENameOperatorVersion
acrobateq9.2
acrobateq9.1
acrobateq9.0
acrobatle9.3.2
acrobateq9.1.1
acrobateq9.3.1
acrobateq9.1.2
acrobateq9.1.3
acrobateq9.3
acrobat_readereq9.2

Name	Operator	Version
acrobat	eq	9.2
acrobat	eq	9.1
acrobat	eq	9.0
acrobat	le	9.3.2
acrobat	eq	9.1.1
acrobat	eq	9.3.1
acrobat	eq	9.1.2
acrobat	eq	9.1.3
acrobat	eq	9.3
acrobat_reader	eq	9.2

Rows per page:

1-10 of 481

References

blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash/

community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx

itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751

lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html

lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

secunia.com/advisories/40026

secunia.com/advisories/40034

secunia.com/advisories/40144

secunia.com/advisories/40545

secunia.com/advisories/43026

security.gentoo.org/glsa/glsa-201101-09.xml

securitytracker.com/id?1024057

securitytracker.com/id?1024058

securitytracker.com/id?1024085

securitytracker.com/id?1024086

support.apple.com/kb/HT4435

www.adobe.com/support/security/advisories/apsa10-01.html

www.adobe.com/support/security/bulletins/apsb10-14.html

www.adobe.com/support/security/bulletins/apsb10-15.html

www.kb.cert.org/vuls/id/486225

www.osvdb.org/65141

www.redhat.com/support/errata/RHSA-2010-0464.html

www.redhat.com/support/errata/RHSA-2010-0470.html

www.securityfocus.com/bid/40586

www.securityfocus.com/bid/40759

www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt

www.us-cert.gov/cas/techalerts/TA10-159A.html

www.us-cert.gov/cas/techalerts/TA10-162A.html

www.vupen.com/english/advisories/2010/1348

www.vupen.com/english/advisories/2010/1349

www.vupen.com/english/advisories/2010/1421

www.vupen.com/english/advisories/2010/1432

www.vupen.com/english/advisories/2010/1434

www.vupen.com/english/advisories/2010/1453

www.vupen.com/english/advisories/2010/1482

www.vupen.com/english/advisories/2010/1522

www.vupen.com/english/advisories/2010/1636

www.vupen.com/english/advisories/2010/1793

www.vupen.com/english/advisories/2011/0192

exchange.xforce.ibmcloud.com/vulnerabilities/59137

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7116

www.exploit-db.com/exploits/13787

8.2 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.355 Low

EPSS

Percentile

97.0%

JSON

Related for PRION:CVE-2010-1297