Lucene search

K
ubuntucveUbuntu.comUB:CVE-2010-3654
HistoryOct 29, 2010 - 12:00 a.m.

CVE-2010-3654

2010-10-2900:00:00
ubuntu.com
ubuntu.com
31
adobe flash player
adobe reader
vulnerability
multiple os
remote attackers
arbitrary code
denial of service
swf content
memory corruption

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.973

Percentile

99.9%

Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows,
Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll
(aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and
Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code
or cause a denial of service (memory corruption and application crash) via
crafted SWF content, as exploited in the wild in October 2010.

Notes

Author Note
jdstrand 10.1.85.3 and ealier are affected. Fix expected around November 15

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.973

Percentile

99.9%