PRIOn knowledge basePRION:CVE-2010-2173Design/Logic Flaw
7.7 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.014 Low
EPSS
Percentile
86.0%
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an “invalid pointer vulnerability” and the newclass (0x58) operator, a different vulnerability than CVE-2010-2174.
| CPE | Name | Operator | Version |
|---|---|---|---|
| air | eq | 1.5.2 | |
| air | eq | 1.5.3 | |
| air | eq | 1.5 | |
| air | eq | 1.0 | |
| air | eq | 1.1 | |
| air | le | 1.5.3.9130 | |
| air | eq | 1.5.1 | |
| flash_player | eq | 9.0.125.0 | |
| flash_player | eq | 9.0.48.0 | |
| flash_player | eq | 9.0.262.0 |
References
itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html
lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
secunia.com/advisories/40144
secunia.com/advisories/40545
secunia.com/advisories/43026
security.gentoo.org/glsa/glsa-201101-09.xml
securitytracker.com/id?1024085
securitytracker.com/id?1024086
support.apple.com/kb/HT4435
www.adobe.com/support/security/bulletins/apsb10-14.html
www.redhat.com/support/errata/RHSA-2010-0464.html
www.redhat.com/support/errata/RHSA-2010-0470.html
www.securityfocus.com/archive/1/511848/100/0/threaded
www.securityfocus.com/bid/40759
www.securityfocus.com/bid/40800
www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt
www.us-cert.gov/cas/techalerts/TA10-162A.html
www.vupen.com/english/advisories/2010/1421
www.vupen.com/english/advisories/2010/1432
www.vupen.com/english/advisories/2010/1434
www.vupen.com/english/advisories/2010/1453
www.vupen.com/english/advisories/2010/1482
www.vupen.com/english/advisories/2010/1522
www.vupen.com/english/advisories/2010/1793
www.vupen.com/english/advisories/2011/0192
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16261
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6762
Related
7.7 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.014 Low
EPSS
Percentile
86.0%