CVE-2010-3637

HIGH
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

An unspecified ActiveX control in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 (Flash10h.ocx) on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FLV video.

References

http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html

http://marc.info/?l=bugtraq&m=130331642631603&w=2

http://secunia.com/advisories/42926

http://www.adobe.com/support/security/bulletins/apsb10-26.html

http://www.securityfocus.com/archive/1/514652/100/0/threaded

http://www.securityfocus.com/bid/44690

http://www.vupen.com/english/advisories/2010/2903

http://www.vupen.com/english/advisories/2011/0173

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12259

Details

Source: MITRE

Published: 2010-11-07

Updated: 2019-10-09

Type: CWE-119

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Tenable Plugins

View all (12 total)

IDNameProductFamilySeverity
75493openSUSE Security Update : flash-player (flash-player-3474)NessusSuSE Local Security Checks
high
63957RHEL 4 : flash-plugin (RHSA-2010:0834)NessusRed Hat Local Security Checks
high
63956RHEL 5 : flash-plugin (RHSA-2010:0829)NessusRed Hat Local Security Checks
high
53718openSUSE Security Update : flash-player (flash-player-3474)NessusSuSE Local Security Checks
high
53658openSUSE Security Update : flash-player (flash-player-3474)NessusSuSE Local Security Checks
high
50904SuSE 11 / 11.1 Security Update : flash-player (SAT Patch Numbers 3475 / 3477)NessusSuSE Local Security Checks
high
50614Adobe Reader < 9.4.1 Multiple Vulnerabilities (APSB10-28)NessusWindows
high
50613Adobe Acrobat 9.x < 9.4.1 Multiple Vulnerabilities (APSB10-28)NessusWindows
high
50604Adobe AIR < 2.5.1 Multiple Vulnerabilities (APSB10-26)NessusWindows
high
50505FreeBSD : linux-flashplugin -- multiple vulnerabilities (76b597e4-e9c6-11df-9e10-001b2134ef46)NessusFreeBSD Local Security Checks
high
5699Flash Player < 9.0.289 / 10.1.102.64 Multiple Vulnerabilities (APSB10-26)Nessus Network MonitorWeb Clients
medium
50493Flash Player < 9.0.289 / 10.1.102.64 Multiple Vulnerabilities (APSB10-26)NessusWindows
high