Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiDamian PutZDI-10-111
HistoryJun 21, 2010 - 12:00 a.m.

Adobe Flash Player LocalConnection Memory Corruption Remote Code Execution Vulnerability

2010-06-2100:00:00
Damian Put
www.zerodayinitiative.com
20

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.013 Low

EPSS

Percentile

85.9%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the connect method exposed via the ActionScript native object number 2200. If this function is called several times with differing strings, a memory corruption issue can be triggered. This can be exploited by remote attackers to execute arbitrary code under the context of the user running the web browser.

Related

seebug 1
securityvulns 8
zdi 1
nessus 29
suse 3
openvas 18
freebsd 2
ubuntucve 13
prion 13
cve 13
redhat 2
gentoo 1
seebug
seebug
Adobe Flash Player LocalConnectionε†…ε­˜η ΄εζΌζ΄ž
2010-06-23 00:00:00
securityvulns
securityvulns
ZDI-10-111: Adobe Flash Player LocalConnection Memory Corruption Remote Code Execution Vulnerability
2010-06-23 00:00:00
ZDI-10-149: Adobe Flash Player LocalConnection Memory Corruption Remote Code Execution Vulnerability
2010-08-11 00:00:00
Adobe Flash Player multiple security vulnerabilities
2010-08-11 00:00:00
zdi
zdi
Adobe Flash Player LocalConnection Memory Corruption Remote Code Execution Vulnerability
2010-08-10 00:00:00
nessus
nessus
openSUSE Security Update : flash-player (openSUSE-SU-2010:0502-1)
2014-06-13 00:00:00
openSUSE Security Update : flash-player (openSUSE-SU-2010:0502-1)
2010-08-13 00:00:00
SuSE 11 / 11.1 Security Update : flash-player (SAT Patch Numbers 2900 / 2901)
2010-12-02 00:00:00
suse
suse
remote code execution in flash-player
2010-08-13 16:04:27
remote code execution in acroread
2010-09-01 13:59:57
remote code execution in flash-player
2010-06-11 17:44:20
openvas
openvas
SuSE Update for flash-player SUSE-SA:2010:034
2010-08-16 00:00:00
SuSE Update for flash-player SUSE-SA:2010:034
2010-08-16 00:00:00
SuSE Update for acroread SUSE-SA:2010:037
2010-09-10 00:00:00
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2010-01-06 00:00:00
linux-flashplugin -- multiple vulnerabilities
2008-10-02 00:00:00
ubuntucve
ubuntucve
CVE-2010-2188
2010-06-15 00:00:00
CVE-2010-2187
2010-06-15 00:00:00
CVE-2010-2176
2010-06-15 00:00:00
prion
prion
Memory corruption
2010-06-15 18:00:00
Memory corruption
2010-06-15 18:00:00
Memory corruption
2010-06-15 18:00:00
cve
cve
CVE-2010-2180
2010-06-15 18:00:00
CVE-2010-2171
2010-06-15 18:00:00
CVE-2010-2184
2010-06-15 18:00:00
redhat
redhat
(RHSA-2010:0464) Critical: flash-plugin security update
2010-06-11 00:00:00
(RHSA-2010:0470) Critical: flash-plugin security update
2010-06-14 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2011-01-21 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.013 Low

EPSS

Percentile

85.9%

JSON
Related for ZDI-10-111
seebug1securityvulns8zdi1nessus29suse3openvas18freebsd2ubuntucve13prion13cve13redhat2gentoo1