Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:0F4E1C742351171F6A7E81111D6518CC
HistoryNov 16, 2010 - 12:00 a.m.

Adobe Flash Player Flash Content Parsing Code Execution

2010-11-1600:00:00
SAINT Corporation
my.saintcorporation.com
20

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON

Added: 11/16/2010
CVE: CVE-2010-3654
BID: 44504
OSVDB: 68932

Background

Adobe Reader is free software for viewing PDF documents.

Problem

Adobe Reader 9.x is vulnerable to a remote code execution vulnerability as a result of parsing flash content by the bundled Adobe Flash Player.

Resolution

Apply the patches referenced in APSA10-05 when they become available. In the interim, follow the relevant directions for mitigating the vulnerability in Adobe Reader.

References

<http://www.kb.cert.org/vuls/id/298081&gt;
<http://secunia.com/advisories/42030/&gt;

Limitations

Exploit works on Adobe Reader 9.4.0 and the user must open the exploit file in Adobe Reader.

Platforms

Windows

Related

openvas 16
symantec 1
metasploit 1
nessus 29
seebug 3
cve 1
checkpoint_advisories 2
prion 1
threatpost 3
packetstorm 1
saint 3
exploitpack 1
ubuntucve 1
canvas 1
cert 1
exploitdb 2
redhat 4
suse 2
securityvulns 3
freebsd 1
gentoo 2
securelist 1
openvas
openvas
Adobe Products Content Code Execution Vulnerability (Windows)
2010-11-10 00:00:00
Adobe Products Content Code Execution Vulnerability (CVE-2010-3654) - Windows
2010-11-10 00:00:00
Adobe Products Content Code Execution Vulnerability (Linux)
2010-11-10 00:00:00
symantec
symantec
Adobe Acrobat, Reader, and Flash CVE-2010-3654 Remote Code Execution Vulnerability
2010-10-28 00:00:00
metasploit
metasploit
Adobe Flash Player "Button" Remote Code Execution
2010-11-01 22:34:13
nessus
nessus
Adobe Acrobat 9 <= 9.4 (APSA10-05)
2010-10-28 00:00:00
SuSE 10 Security Update : flash-player (ZYPP Patch Number 7223)
2011-01-27 00:00:00
Adobe Reader 9 <= 9.4 (APSA10-05)
2010-10-28 00:00:00
seebug
seebug
Adobe Flash Player "Button" Remote Code Execution
2014-07-01 00:00:00
Adobe Flash Player authplay.dll库PDF文件解析远程代码执行漏洞
2010-11-01 00:00:00
Adobe Flash Player < 10.1.53 .64 Action Script Type Confusion Exploit (DEP+ASLR bypass)
2014-07-01 00:00:00
cve
cve
CVE-2010-3654
2010-10-29 19:00:00
checkpoint_advisories
checkpoint_advisories
Workaround for Adobe Flash Player Flash Content Parsing Code Execution Vulnerability (APSA10-05)
2010-11-01 00:00:00
Adobe Flash Player Flash Content Parsing Code Execution (APSA10-05; CVE-2010-3654)
2010-11-01 00:00:00
prion
prion
Memory corruption
2010-10-29 19:00:00
threatpost
threatpost
Adobe Releases Emergency Fix for Critical Reader Flaws
2010-11-16 19:41:53
Adobe Accelerates Patch Schedule for Critical Flash Bug
2010-11-02 19:15:03
New Adobe Flash Bug Being Exploited
2010-10-28 14:03:47
packetstorm
packetstorm
Adobe Flash Player "Button" Remote Code Execution
2010-11-03 00:00:00
saint
saint
Adobe Flash Player Flash Content Parsing Code Execution
2010-11-16 00:00:00
Adobe Flash Player Flash Content Parsing Code Execution
2010-11-16 00:00:00
Adobe Flash Player Flash Content Parsing Code Execution
2010-11-16 00:00:00
exploitpack
exploitpack
Adobe Flash Player 10.1.53.64 - Action Script Type Confusion (ASLR + DEP Bypass)
2011-04-19 00:00:00
ubuntucve
ubuntucve
CVE-2010-3654
2010-10-29 00:00:00
canvas
canvas
Immunity Canvas: ADOBE_FLASH_BUTTON
2010-10-29 19:00:00
cert
cert
Adobe Flash code execution vulnerability
2010-10-28 00:00:00
exploitdb
exploitdb
Adobe Flash Player &lt; 10.1.53.64 - Action Script Type Confusion (ASLR + DEP Bypass)
2011-04-19 00:00:00
Adobe Flash Player - &#039;Button&#039; Arbitrary Code Execution (Metasploit)
2010-11-01 00:00:00
redhat
redhat
(RHSA-2010:0934) Critical: acroread security update
2010-12-01 00:00:00
(RHSA-2010:0834) Critical: flash-plugin security update
2010-11-08 00:00:00
(RHSA-2010:0829) Critical: flash-plugin security update
2010-11-05 00:00:00
suse
suse
remote code execution in acoread
2010-12-08 17:17:01
remote code execution in flash-player
2010-11-05 13:12:10
securityvulns
securityvulns
Adobe Flash Player multiple security vulnerabilities
2010-11-08 00:00:00
Security update available for Adobe Flash Player
2010-11-08 00:00:00
About the security content of Mac OS X v10.6.5 and Security Update 2010-007
2010-11-18 00:00:00
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2010-09-28 00:00:00
gentoo
gentoo
Adobe Reader: Multiple vulnerabilities
2011-01-21 00:00:00
Adobe Flash Player: Multiple vulnerabilities
2011-01-21 00:00:00
securelist
securelist
Investigation Report for the September 2014 Equation malware detection incident in the US
2017-11-16 10:00:34

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON
Related for SAINT:0F4E1C742351171F6A7E81111D6518CC
openvas16symantec1metasploit1nessus29seebug3cve1checkpoint_advisories2prion1threatpost3packetstorm1saint3exploitpack1ubuntucve1canvas1cert1exploitdb2redhat4suse2securityvulns3freebsd1gentoo2securelist1