CVE-2010-2884

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010.

References

http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html

http://secunia.com/advisories/41434

http://secunia.com/advisories/41435

http://secunia.com/advisories/41443

http://secunia.com/advisories/41526

http://secunia.com/advisories/43025

http://secunia.com/advisories/43026

http://security.gentoo.org/glsa/glsa-201101-08.xml

http://security.gentoo.org/glsa/glsa-201101-09.xml

http://support.apple.com/kb/HT4435

http://www.adobe.com/support/security/advisories/apsa10-03.html

http://www.adobe.com/support/security/bulletins/apsb10-21.html

http://www.adobe.com/support/security/bulletins/apsb10-22.html

http://www.kb.cert.org/vuls/id/275289

http://www.redhat.com/support/errata/RHSA-2010-0706.html

http://www.redhat.com/support/errata/RHSA-2010-0743.html

http://www.us-cert.gov/cas/techalerts/TA10-263A.html

http://www.us-cert.gov/cas/techalerts/TA10-279A.html

http://www.vupen.com/english/advisories/2010/2348

http://www.vupen.com/english/advisories/2010/2349

http://www.vupen.com/english/advisories/2011/0191

http://www.vupen.com/english/advisories/2011/0192

https://exchange.xforce.ibmcloud.com/vulnerabilities/61771

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6852

Details

Source: MITRE

Published: 2010-09-15

Updated: 2018-10-30

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:* versions up to 10.1.82.76 (inclusive)

Configuration 2

AND

OR

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*

OR

cpe:2.3:o:google:android:*:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:adobe:acrobat_reader:3.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:3.01:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:3.02:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:4.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:4.0.5:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:4.0.5a:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:4.0.5c:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:4.5:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:5.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:5.0.5:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:5.0.6:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:5.0.7:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:5.0.9:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:5.0.10:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:5.0.11:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:5.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:6.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:6.0.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:6.0.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:6.0.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:6.0.4:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:6.0.5:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:7.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:7.0.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:7.0.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:7.0.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:7.0.4:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:7.0.5:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:7.0.6:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:7.0.7:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:7.0.8:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:7.0.9:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:7.1.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:* versions up to 9.3.4 (inclusive)

Configuration 4

AND

OR

cpe:2.3:a:adobe:acrobat:3.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:3.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:4.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:4.0.5:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:4.0.5a:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:4.0.5c:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:5.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:5.0.5:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:5.0.6:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:5.0.10:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:6.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:6.0.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:6.0.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:6.0.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:6.0.4:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:6.0.5:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:6.0.6:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:7.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:7.0.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:7.0.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:7.0.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:7.0.4:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:7.0.5:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:7.0.6:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:7.0.7:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:7.0.8:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:7.0.9:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:7.1.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:7.1.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:7.1.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:7.1.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:7.1.4:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*

OR

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Tenable Plugins

View all (27 total)

IDNameProductFamilySeverity
75492openSUSE Security Update : flash-player (openSUSE-SU-2010:0647-1)NessusSuSE Local Security Checks
high
75419openSUSE Security Update : acroread (openSUSE-SU-2010:0706-1)NessusSuSE Local Security Checks
high
51738SuSE 10 Security Update : flash-player (ZYPP Patch Number 7165)NessusSuSE Local Security Checks
high
51715SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 7182)NessusSuSE Local Security Checks
high
51703SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 7181)NessusSuSE Local Security Checks
high
51658GLSA-201101-09 : Adobe Flash Player: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
51657GLSA-201101-08 : Adobe Reader: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
50903SuSE 11 / 11.1 Security Update : flash-player (SAT Patch Numbers 3155 / 3157)NessusSuSE Local Security Checks
high
50888SuSE 11 / 11.1 Security Update : acroread_ja (SAT Patch Numbers 3272 / 3273)NessusSuSE Local Security Checks
high
50884SuSE 11 / 11.1 Security Update : Acrobat Reader (SAT Patch Numbers 3268 / 3270)NessusSuSE Local Security Checks
high
800791Mac OS X 10.6 < 10.6.5 Multiple VulnerabilitiesLog Correlation EngineOperating System Detection
high
5705Mac OS X 10.6 < 10.6.5 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
50549Mac OS X Multiple Vulnerabilities (Security Update 2010-007)NessusMacOS X Local Security Checks
high
50548Mac OS X 10.6.x < 10.6.5 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
49825openSUSE Security Update : acroread (openSUSE-SU-2010:0706-1)NessusSuSE Local Security Checks
high
49824openSUSE Security Update : acroread (openSUSE-SU-2010:0706-1)NessusSuSE Local Security Checks
high
49786RHEL 4 / 5 : acroread (RHSA-2010:0743)NessusRed Hat Local Security Checks
high
49652FreeBSD : linux-flashplugin -- remote code execution (8a34d9e6-c662-11df-b2e1-001b2134ef46)NessusFreeBSD Local Security Checks
high
49642openSUSE Security Update : flash-player (openSUSE-SU-2010:0647-1)NessusSuSE Local Security Checks
high
49641openSUSE Security Update : flash-player (openSUSE-SU-2010:0647-1)NessusSuSE Local Security Checks
high
49640RHEL 3 / 4 / 5 : flash-plugin (RHSA-2010:0706)NessusRed Hat Local Security Checks
high
49307Flash Player < 9.0.283 / 10.1.85.3 Unspecified Code Execution (APSB10-22)NessusWindows
high
800902Google Chrome < 6.0.472.62 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
5670Flash Player Unspecified Code Execution (APSB10-22)Nessus Network MonitorWeb Clients
medium
5669Google Chrome < 6.0.472.62 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
49173Adobe Reader < 9.4 / 8.2.5 Multiple Vulnerabilities (APSB10-21)NessusWindows
high
49172Adobe Acrobat < 9.4 / 8.2.5 Multiple Vulnerabilities (APSB10-21)NessusWindows
high