CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
85.2%
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an “invalid pointer vulnerability” and the newclass (0x58) operator, a different vulnerability than CVE-2010-2174.
Vendor | Product | Version | CPE |
---|---|---|---|
adobe | flash_player | 9.0.16 | cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:* |
adobe | flash_player | 9.0.20 | cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:* |
adobe | flash_player | 9.0.20.0 | cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:* |
adobe | flash_player | 9.0.28 | cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:* |
adobe | flash_player | 9.0.28.0 | cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:* |
adobe | flash_player | 9.0.31 | cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:* |
adobe | flash_player | 9.0.31.0 | cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:* |
adobe | flash_player | 9.0.45.0 | cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:* |
adobe | flash_player | 9.0.47.0 | cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:* |
adobe | flash_player | 9.0.48.0 | cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:* |
itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html
lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
secunia.com/advisories/40144
secunia.com/advisories/40545
secunia.com/advisories/43026
security.gentoo.org/glsa/glsa-201101-09.xml
securitytracker.com/id?1024085
securitytracker.com/id?1024086
support.apple.com/kb/HT4435
www.adobe.com/support/security/bulletins/apsb10-14.html
www.redhat.com/support/errata/RHSA-2010-0464.html
www.redhat.com/support/errata/RHSA-2010-0470.html
www.securityfocus.com/archive/1/511848/100/0/threaded
www.securityfocus.com/bid/40759
www.securityfocus.com/bid/40800
www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt
www.us-cert.gov/cas/techalerts/TA10-162A.html
www.vupen.com/english/advisories/2010/1421
www.vupen.com/english/advisories/2010/1432
www.vupen.com/english/advisories/2010/1434
www.vupen.com/english/advisories/2010/1453
www.vupen.com/english/advisories/2010/1482
www.vupen.com/english/advisories/2010/1522
www.vupen.com/english/advisories/2010/1793
www.vupen.com/english/advisories/2011/0192
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16261
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6762