CVE-2010-3654

CVE-2010-3654 affects Adobe Flash Player prior to 9.0.289.0 and pre-10.1.102.64 (Windows/macOS/Linux/Solaris) and Adobe Reader/Acrobat 9.x up to 9.4, with 10.1.95.1 on Android. The vulnerability allows remote code execution or memory corruption/DoS via crafted SWF content embedded in PDFs (exploi...

CVE-2010-2188

Technical details about CVE-2010-2188 are not publicly available in the provided connected documents. Monitor for updates in EUVD entries and other sources for concrete information on affected products, impact, and fixes.

CVE-2010-2160

Technical details about CVE-2010-2160 are not publicly available in the provided Connected documents. Monitor for updates in case additional specifics (affected product/version, root cause, impact, or fixes) are published.

CVE-2010-2178

Adobe Flash Player before 9.0.277.0 and before 10.1.53.64, and Adobe AIR before 2.0.2.12610, are affected by CVE-2010-2178, which is described as enabling memory corruption that could lead to denial of service or possibly arbitrary code execution via unspecified vectors. The description reference...

CVE-2010-2171

Technical details for CVE-2010-2171 are not publicly available in the provided documents. Monitor for updates.

CVE-2010-2182

Technical details for CVE-2010-2182 are not publicly available in the provided documents. The initial entry lists affected products/versions but no exposed root cause, impact specifics, or remediation in the supplied materials. Monitor for updates.

CVE-2010-2184

Technical details on CVE-2010-2184 are not publicly available in the provided connected documents. Monitor for updates.

CVE-2010-2187

Technical details for CVE-2010-2187 are not publicly available in the provided documents. Monitor for updates.

CVE-2010-2175

Technical details about CVE-2010-2175 are not publicly available in the provided documents. Monitor for updates.

CVE-2010-2177

Technical details about CVE-2010-2177 are not provided in the supplied documents; no affected products, root cause, or remediation are disclosed. Monitor for updates from official sources.

CVE-2010-2180

Technical details for CVE-2010-2180 are not publicly provided in the supplied documents. Monitor for updates.

CVE-2010-2162

CVE-2010-2162 affects Adobe Flash Player before 9.0.277.0 and Flash Player 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610. The vulnerability arises from improper length calculations in the STSC, STSZ, and STCO atoms, enabling heap memory corruption that could crash the process or allow ...

CVE-2010-2165

Technical details for CVE-2010-2165 are not publicly available in the provided documents; monitor for updates from official advisories.

CVE-2010-2166

Technical details for CVE-2010-2166 are not publicly provided in the supplied documents. Monitor for updates from official advisories and vendors.

CVE-2010-2185

CVE-2010-2185 is a buffer overflow vulnerability in Adobe Flash Player prior to 9.0.277.0 and in the 10.x line prior to 10.1.53.64, as well as in Adobe AIR prior to 2.0.2.12610, that could allow remote arbitrary code execution via unspecified vectors. Publicly noted affected products/versions inc...

CVE-2010-2170

CVE-2010-2170 refers to an integer overflow in Adobe Flash Player before 9.0.277.0 and in the 10.x line before 10.1.53.64, as well as in Adobe AIR before 2.0.2.12610, which could allow an attacker to execute arbitrary code via unspecified vectors. Affected components/versions are stated; root cau...

CVE-2010-2176

Technical details about CVE-2010-2176 are not publicly available in the provided documents. The connected EUVD entries mention malware context but do not specify affected products, versions, root cause, impact, or remediation. Monitor for updates.

CVE-2010-2161

CVE-2010-2161 describes an array index error in Adobe Flash Player (before 9.0.277.0 and in 10.x before 10.1.53.64) and Adobe AIR before 2.0.2.12610 that could allow arbitrary code execution via unspecified Flash content. Affected software includes Flash Player and AIR; root cause per the descrip...

CVE-2010-2164

CVE-2010-2164 is a use-after-free vulnerability in Adobe Flash Player (before 9.0.277.0 and before 10.1.53.64) and Adobe AIR (before 2.0.2.12610) that could enable arbitrary code execution via an unspecified image-type path in a function. Connected advisories indicate this CVE is addressed by upd...

CVE-2010-2173

CVE-2010-2173 affects Adobe Flash Player prior to 9.0.277.0 and Flash Player 10.x prior to 10.1.53.64, and Adobe AIR before 2.0.2.12610, with arbitrary code execution reported via unspecified vectors. The description notes an “invalid pointer vulnerability” related to the newclass (0x58) operator...

CVE-2009-3793

CVE-2009-3793 affects Adobe Flash Player prior to 9.0.277.0 and Flash Player 10.x prior to 10.1.53.64, and Adobe AIR prior to 2.0.2.12610. The vulnerability is described as unspecified with potential for memory consumption-based Denial of Service or possibly arbitrary Code Execution via unknown v...

CVE-2010-2167

CVE-2010-2167 is a vulnerability in Adobe Flash Player (before 9.0.277.0 and 10.x before 10.1.53.64) and Adobe AIR (before 2.0.2.12610) where heap-based overflows in GIF/JPEG data could lead to arbitrary code execution. The initial description specifies the vectors as malformed GIF/JPEG data, wit...

CVE-2010-2169

Affected software: Adobe Flash Player before 9.0.277.0 and Flash Player 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610. Root cause/impact: vulnerability causes pointer memory corruption that can lead to a denial of service or, potentially, arbitrary code execution via unspecified vector...

CVE-2010-2174

CVE-2010-2174 affects Adobe Flash Player prior to 9.0.277.0 and Flash Player for 10.x prior to 10.1.53.64, and Adobe AIR prior to 2.0.2.12610. The vulnerability is an invalid pointer issue related to the newfunction (0x44) operator and is exploitable via unspecified vectors, enabling arbitrary co...

CVE-2010-2181

Technical details about CVE-2010-2181 (affected product/version/root cause/impact) are not publicly provided in the supplied connected documents. Monitor for updates.

CVE-2010-2186

Technical details (affected product/version, root cause, impact, or patch) are not provided in the connected documents for CVE-2010-2186. Monitor for updates.

CVE-2010-2163

CVE-2010-2163 affects Adobe Flash Player prior to 9.0.277.0 and Flash Player 10.x prior to 10.1.53.64, as well as Adobe AIR prior to 2.0.2.12610. The initial entry states multiple unspecified vulnerabilities could allow attackers to execute arbitrary code via unknown vectors. Connected documents ...

CVE-2010-2183

CVE-2010-2183 involves an integer overflow in Adobe Flash Player prior to 9.0.277.0 and in the 10.x line prior to 10.1.53.64, and in Adobe AIR prior to 2.0.2.12610. The overflow could allow an attacker to execute arbitrary code via unspecified vectors. This is a distinct issue from CVE-2010-2170 ...

CVE-2010-2189

CVE-2010-2189 involves Adobe Flash Player (first part: 9.0.277.0 and 10.x prior to 10.1.53.64) and Adobe AIR (before 2.0.2.12610) when used with VMware Tools on VMware, leading to memory corruption with potential arbitrary code execution and a possible denial of service. Connected sources confirm...

CVE-2005-2628

CVE-2005-2628 concerns a buffer overflow in Macromedia Flash Player (Flash.ocx) for Flash 6/7. The issue arises from insufficient validation of SWF data, allowing a remote attacker to execute arbitrary code via a crafted SWF file. Red Hat’s RHSA-2005:835 notes the fix in updated Macromedia Flash ...

CVE-2006-0024

CVE-2006-0024 covers multiple unspecified remote-code-execution vulnerabilities in Macromedia/Adobe Flash Player up to version 8.0.22.0 and earlier, exploitable via a crafted SWF file. Affected product: Macromedia Flash Player (Flash Player 8.x and earlier). Impact stated: remote code execution w...

CVE-2005-3591

CVE-2005-3591 describes a vulnerability in the Macromedia Flash plugin where Flash.ocx (Windows, 7.0.19.0 and earlier) and libflashplayer.so (Unix, before 7.0.25.0) allow a remote attacker to trigger a denial of service and potentially execute arbitrary code via parameters to the ActionDefineFunc...

CVE-2002-1467

CVE-2002-1467 affects the Macromedia Flash Plugin prior to 6.0.47.0, allowing remote attackers to bypass the same-domain restriction and read arbitrary files via (1) HTTP redirects, (2) a file:// base in a web document, or (3) a relative URL from a web archive (mht). The primary sources in the pr...

CVE-2002-0605

CVE-2002-0605 describes a buffer overflow in the Macromedia Flash 6 Flash OCX (revision 6,0,23,0) that allows remote attackers to execute arbitrary code via a long movie parameter. The connected records corroborate: vulnerable component is the Flash OCX, with the overflow occurring when processin...

CVE-2002-1382

CVE-2002-1382 affects Macromedia Flash Player prior to 6.0.65.0. The vulnerability allows remote attackers to execute arbitrary code via certain malformed data headers in Shockwave Flash (SWF) files; this is noted as a different issue from CAN-2002-0846. The available documents specify the affect...

CVE-2002-1534

Macromedia Flash Player contains a vulnerability where a remote attacker can read arbitrary files by manipulating XML script inside a .swf hosted on a remote SMB share. The issue arises from how the SWF processes XML data from an SMB-based source, enabling file read access without local interacti...

CVE-2003-1017

CVE-2003-1017 affects Macromedia Flash Player before 7.0.19.0. The vulnerability arises because Flash data files are stored in a predictable location accessible to web browsers, allowing remote attackers to read restricted files via browser vulnerabilities that rely on predictable file names. The...

CVE-2002-1881

CVE-2002-1881 affects Macromedia Flash Player 4.0 r12–6.0.47.0. A remote attacker can cause a browser crash (DoS) by feeding malformed Flash Shockwave (.SWF) content; ROT13-encoding the body while leaving headers unchanged demonstrates the issue. No further exploit details or remediation are prov...

CVE-2002-1625

Macromedia Flash Player 6 is affected by CVE-2002-1625. The issue arises because connections are not terminated when the user leaves the page, allowing remote attackers to cause a denial of service via the (1) loadMovie and (2) loadSound commands, which continue executing until the browser is clo...

CVE-2002-0477

Standalone Macromedia Flash Player 5.0 prior to 5,0,30,2 is vulnerable to remote code execution via a SWF file that uses the exec FSCommand. Root cause: the SWF can trigger arbitrary program execution on the host. Impact is remote code execution with the affected component being the Flash Player ...

CVE-2002-0476

Macromedia Flash Player 5.0 (Standalone) is affected by CVE-2002-0476. A .SWF file containing the undocumented “save” FSCommand can cause the player to save arbitrary files and programs on the host. The documents here do not provide details on exploit practicality, affected versions beyond Flash ...

CVE-2006-6827

The entry concerns Flash8b.ocx in Macromedia Flash 8. The vulnerability allows remote attackers to trigger a denial of service (Internet Explorer 7 crash) by sending a long string to the Flash8b.AllowScriptAccess method. According to the sources, this impacts availability (Partial) with network a...