Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:19840
HistoryJun 23, 2010 - 12:00 a.m.

Adobe Flash Player LocalConnection内存破坏漏洞

2010-06-2300:00:00
Root
www.seebug.org
35

0.013 Low

EPSS

Percentile

84.5%

JSON

BUGTRAQ ID: 40798
CVE ID: CVE-2010-2188

Flash Player是一款非常流行的FLASH播放器。

Flash Player通过ActionScript原始对象号2200所暴露的connect方式存在内存破坏漏洞。如果使用不同字符串多次调用了 LocalConnection函数,就可以触发这个漏洞,导致以运行浏览器用户的权限执行任意代码。

Adobe Flash Player 9.x
Adobe Flash Player 10.x
Adobe AIR <= 1.5.3.9130
厂商补丁:

Adobe

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.adobe.com

RedHat

RedHat已经为此发布了一个安全公告(RHSA-2010:0464-01)以及相应补丁:
RHSA-2010:0464-01:Critical: flash-plugin security update
链接:https://www.redhat.com/support/errata/RHSA-2010-0464.html

Related

securityvulns 8
zdi 2
nessus 29
suse 3
openvas 18
freebsd 2
prion 13
ubuntucve 13
cve 13
redhat 2
gentoo 1
securityvulns
securityvulns
ZDI-10-111: Adobe Flash Player LocalConnection Memory Corruption Remote Code Execution Vulnerability
2010-06-23 00:00:00
ZDI-10-149: Adobe Flash Player LocalConnection Memory Corruption Remote Code Execution Vulnerability
2010-08-11 00:00:00
Adobe Flash Player multiple security vulnerabilities
2010-08-11 00:00:00
zdi
zdi
Adobe Flash Player LocalConnection Memory Corruption Remote Code Execution Vulnerability
2010-06-21 00:00:00
Adobe Flash Player LocalConnection Memory Corruption Remote Code Execution Vulnerability
2010-08-10 00:00:00
nessus
nessus
openSUSE Security Update : flash-player (openSUSE-SU-2010:0502-1)
2010-08-13 00:00:00
openSUSE Security Update : flash-player (openSUSE-SU-2010:0502-1)
2014-06-13 00:00:00
openSUSE Security Update : flash-player (openSUSE-SU-2010:0502-1)
2010-08-13 00:00:00
suse
suse
remote code execution in flash-player
2010-08-13 16:04:27
remote code execution in acroread
2010-09-01 13:59:57
remote code execution in flash-player
2010-06-11 17:44:20
openvas
openvas
SuSE Update for flash-player SUSE-SA:2010:034
2010-08-16 00:00:00
SuSE Update for flash-player SUSE-SA:2010:034
2010-08-16 00:00:00
SuSE Update for acroread SUSE-SA:2010:037
2010-09-10 00:00:00
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2010-01-06 00:00:00
linux-flashplugin -- multiple vulnerabilities
2008-10-02 00:00:00
prion
prion
Memory corruption
2010-06-15 18:00:00
Memory corruption
2010-06-15 18:00:00
Memory corruption
2010-06-15 18:00:00
ubuntucve
ubuntucve
CVE-2010-2176
2010-06-15 00:00:00
CVE-2010-2175
2010-06-15 00:00:00
CVE-2010-2180
2010-06-15 00:00:00
cve
cve
CVE-2010-2180
2010-06-15 18:00:00
CVE-2010-2184
2010-06-15 18:00:00
CVE-2010-2171
2010-06-15 18:00:00
redhat
redhat
(RHSA-2010:0470) Critical: flash-plugin security update
2010-06-14 00:00:00
(RHSA-2010:0464) Critical: flash-plugin security update
2010-06-11 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2011-01-21 00:00:00

0.013 Low

EPSS

Percentile

84.5%

JSON
Related for SSV:19840
securityvulns8zdi2nessus29suse3openvas18freebsd2prion13ubuntucve13cve13redhat2gentoo1