Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:19842
HistoryJun 23, 2010 - 12:00 a.m.

Adobe Flash Player MP4数据解析堆内存破坏漏洞

2010-06-2300:00:00
Root
www.seebug.org
21

0.013 Low

EPSS

Percentile

84.5%

JSON

BUGTRAQ ID: 40801
CVE ID: CVE-2010-2162

Flash Player是一款非常流行的FLASH播放器。

Flash Player负责解析MP4文件的代码中存在漏洞。在处理STSC、STSZ和STCO原子时,Flash Player错误的计算了长度值,之后的内存拷贝操作中使用该值作为大小参数。这可能触发堆内存破坏,导致以当前登录用户的权限执行任意代码。

Adobe Flash Player 9.x
Adobe Flash Player 10.x
Adobe AIR <= 1.5.3.9130
厂商补丁:

Adobe

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.adobe.com/support/security/bulletins/apsb10-14.html

RedHat

RedHat已经为此发布了一个安全公告(RHSA-2010:0464-01)以及相应补丁:
RHSA-2010:0464-01:Critical: flash-plugin security update
链接:https://www.redhat.com/support/errata/RHSA-2010-0464.html

Related

securityvulns 6
zdi 1
prion 1
cve 1
ubuntucve 1
nessus 14
redhat 2
openvas 12
suse 1
freebsd 1
gentoo 1
securityvulns
securityvulns
ZDI-10-109: Adobe Flash Player Multiple Atom MP4 Parsing Remote Code Execution Vulnerability
2010-06-20 00:00:00
ZDI-10-109: Adobe Flash Player Multiple Atom MP4 Parsing Remote Code Execution Vulnerability
2010-06-20 00:00:00
Security update available for Adobe Flash Player
2010-06-11 00:00:00
zdi
zdi
Adobe Flash Player Multiple Atom MP4 Parsing Remote Code Execution Vulnerability
2010-06-16 00:00:00
prion
prion
Memory corruption
2010-06-15 18:00:00
cve
cve
CVE-2010-2162
2010-06-15 18:00:00
ubuntucve
ubuntucve
CVE-2010-2162
2010-06-15 00:00:00
nessus
nessus
Flash Player < 9.0.277.0 / 10.1.53.63 Multiple Vulnerabilities (APSB10-14)
2010-06-10 00:00:00
Adobe AIR < 2.0.2.12610 Multiple Vulnerabilities (APSB10-14)
2010-06-10 00:00:00
RHEL 5 : flash-plugin (RHSA-2010:0464)
2013-01-24 00:00:00
redhat
redhat
(RHSA-2010:0464) Critical: flash-plugin security update
2010-06-11 00:00:00
(RHSA-2010:0470) Critical: flash-plugin security update
2010-06-14 00:00:00
openvas
openvas
Adobe Flash Player/Air Multiple Vulnerabilities (Jun 2010) - Windows
2010-06-22 00:00:00
Adobe Flash Player/Air Multiple Vulnerabilities - June10 (Windows)
2010-06-22 00:00:00
Adobe Flash Player/Air Multiple Vulnerabilities - June10 (Linux)
2010-06-22 00:00:00
suse
suse
remote code execution in flash-player
2010-06-11 17:44:20
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2008-10-02 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2011-01-21 00:00:00

0.013 Low

EPSS

Percentile

84.5%

JSON
Related for SSV:19842
securityvulns6zdi1prion1cve1ubuntucve1nessus14redhat2openvas12suse1freebsd1gentoo1