CVE-2010-2173

Sažetak

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newclass (0x58) operator, a different vulnerability than CVE-2010-2174.

Reference

http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
http://secunia.com/advisories/40144
http://secunia.com/advisories/40545
http://secunia.com/advisories/43026
http://security.gentoo.org/glsa/glsa-201101-09.xml
http://securitytracker.com/id?1024085
http://securitytracker.com/id?1024086
http://support.apple.com/kb/HT4435
http://www.adobe.com/support/security/bulletins/apsb10-14.html
http://www.redhat.com/support/errata/RHSA-2010-0464.html
http://www.redhat.com/support/errata/RHSA-2010-0470.html
http://www.securityfocus.com/archive/1/511848/100/0/threaded
http://www.securityfocus.com/bid/40759
http://www.securityfocus.com/bid/40800
http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt
http://www.us-cert.gov/cas/techalerts/TA10-162A.html
http://www.vupen.com/english/advisories/2010/1421
http://www.vupen.com/english/advisories/2010/1432
http://www.vupen.com/english/advisories/2010/1434
http://www.vupen.com/english/advisories/2010/1453
http://www.vupen.com/english/advisories/2010/1482
http://www.vupen.com/english/advisories/2010/1522
http://www.vupen.com/english/advisories/2010/1793
http://www.vupen.com/english/advisories/2011/0192
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16261
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6762

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

30-10-2018 - 16:25

Objavljeno

15-06-2010 - 18:00