Lucene search
RootSSV:20218HistoryNov 01, 2010 - 12:00 a.m.
Adobe Flash Player authplay.dll库PDF文件解析远程代码执行漏洞
2010-11-0100:00:00
Root
www.seebug.org
45
EPSS
0.971
Percentile
99.8%
BUGTRAQ ID: 44504
CVE ID: CVE-2010-3654
Flash Player是一款非常流行的FLASH播放器。
Flash Player的authplay.dll库在解析畸形PDF文件时存在内存破坏漏洞,用户受骗打开了内嵌有恶意Flash内容的PDF文件时就可以触发这个漏洞,导致执行任意代码。
Adobe Acrobat 9.4
Adobe Flash Player 10.1.95.2
Adobe Flash Player 10.1.85.3
Adobe Reader 9.4
临时解决方法:
-
在浏览器中禁用Flash,禁止显示PDF文档。
-
在Adobe Reader 9中禁用Flash和3D & Multimedia支持。
-
在Adobe Reader和Acrobat中禁用JavaScript。
-
禁止Internet Explorer自动打开PDF文档。
-
在Microsoft Windows中启用DEP。
厂商补丁:
Adobe
目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
Related
nessus
nessus
SuSE 10 Security Update : flash-player (ZYPP Patch Number 7223)
2011-01-27 00:00:00
Adobe Reader 9 <= 9.4 (APSA10-05)
2010-10-28 00:00:00
Adobe Acrobat 9 <= 9.4 (APSA10-05)
2010-10-28 00:00:00
packetstorm
packetstorm
Adobe Flash Player "Button" Remote Code Execution
2010-11-03 00:00:00
openvas
openvas
Adobe Products Content Code Execution Vulnerability (Linux)
2010-11-10 00:00:00
Adobe Products Content Code Execution Vulnerability (CVE-2010-3654) - Linux
2010-11-10 00:00:00
threatpost
threatpost
Adobe Releases Emergency Fix for Critical Reader Flaws
2010-11-16 19:41:53
Adobe Accelerates Patch Schedule for Critical Flash Bug
2010-11-02 19:15:03
New Adobe Flash Bug Being Exploited
2010-10-28 14:03:47
checkpoint_advisories
checkpoint_advisories
saint
saint
Adobe Flash Player Flash Content Parsing Code Execution
2010-11-16 00:00:00
Adobe Flash Player Flash Content Parsing Code Execution
2010-11-16 00:00:00
Adobe Flash Player Flash Content Parsing Code Execution
2010-11-16 00:00:00
prion
prion
Memory corruption
2010-10-29 19:00:00
nvd
nvd
CVE-2010-3654
2010-10-29 19:00:02
exploitpack
exploitpack
ubuntucve
ubuntucve
CVE-2010-3654
2010-10-29 00:00:00
seebug
seebug
Adobe Flash Player < 10.1.53 .64 Action Script Type Confusion Exploit (DEP+ASLR bypass)
2014-07-01 00:00:00
Adobe Flash Player "Button" Remote Code Execution
2014-07-01 00:00:00
cert
cert
Adobe Flash code execution vulnerability
2010-10-28 00:00:00
canvas
canvas
Immunity Canvas: ADOBE_FLASH_BUTTON
2010-10-29 19:00:00
exploitdb
exploitdb
symantec
symantec
metasploit
metasploit
Adobe Flash Player "Button" Remote Code Execution
2010-11-01 22:34:13
cvelist
cvelist
CVE-2010-3654
2010-10-29 18:00:00
cve
cve
CVE-2010-3654
2010-10-29 19:00:02
redhat
redhat
(RHSA-2010:0934) Critical: acroread security update
2010-12-01 00:00:00
(RHSA-2010:0834) Critical: flash-plugin security update
2010-11-08 00:00:00
(RHSA-2010:0867) Critical: flash-plugin security update
2010-11-10 00:00:00
suse
suse
remote code execution in acoread
2010-12-08 17:17:01
remote code execution in flash-player
2010-11-05 13:12:10
securityvulns
securityvulns
Adobe Flash Player multiple security vulnerabilities
2010-11-08 00:00:00
Security update available for Adobe Flash Player
2010-11-08 00:00:00
About the security content of Mac OS X v10.6.5 and Security Update 2010-007
2010-11-18 00:00:00
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2010-09-28 00:00:00
gentoo
gentoo
Adobe Reader: Multiple vulnerabilities
2011-01-21 00:00:00
Adobe Flash Player: Multiple vulnerabilities
2011-01-21 00:00:00
securelist
securelist