Login

Tenable Community & Support

Tenable University

CVE-2010-3976

HIGH

Description

Untrusted search path vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a file that is processed by Flash Player.

References

http://core.yehg.net/lab/pr0js/advisories/dll_hijacking/%5Bflash_player%5D_10.1.x_insecure_dll_hijacking_%28dwmapi.dll%29

http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html

http://marc.info/?l=bugtraq&m=130331642631603&w=2

http://secunia.com/advisories/43026

http://security.gentoo.org/glsa/glsa-201101-09.xml

http://support.apple.com/kb/HT4435

http://www.acrossecurity.com/aspr/ASPR-2010-11-05-1-PUB.txt

http://www.adobe.com/support/security/bulletins/apsb10-26.html

http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-09/msg00070.html

http://www.securityfocus.com/archive/1/514653/100/0/threaded

http://www.securityfocus.com/bid/44671

http://www.vupen.com/english/advisories/2010/2903

http://www.vupen.com/english/advisories/2011/0192

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6926

Details

Source: MITRE

Published: 2010-10-19

Updated: 2018-10-10

Type: NVD-CWE-Other

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Vulnerable Software

Configuration 1

AND

OR

cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.155.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:9.0.262.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*

OR

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Configuration 2

AND

OR

cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.1.95.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*

OR

cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

Tenable Plugins

View all (14 total)

ID	Name	Product	Family	Severity
75493	openSUSE Security Update : flash-player (flash-player-3474)	Nessus	SuSE Local Security Checks	high
53718	openSUSE Security Update : flash-player (flash-player-3474)	Nessus	SuSE Local Security Checks	high
53658	openSUSE Security Update : flash-player (flash-player-3474)	Nessus	SuSE Local Security Checks	high
51658	GLSA-201101-09 : Adobe Flash Player: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
50904	SuSE 11 / 11.1 Security Update : flash-player (SAT Patch Numbers 3475 / 3477)	Nessus	SuSE Local Security Checks	high
50614	Adobe Reader < 9.4.1 Multiple Vulnerabilities (APSB10-28)	Nessus	Windows	high
50613	Adobe Acrobat 9.x < 9.4.1 Multiple Vulnerabilities (APSB10-28)	Nessus	Windows	high
50604	Adobe AIR < 2.5.1 Multiple Vulnerabilities (APSB10-26)	Nessus	Windows	high
800791	Mac OS X 10.6 < 10.6.5 Multiple Vulnerabilities	Log Correlation Engine	Operating System Detection	high
5705	Mac OS X 10.6 < 10.6.5 Multiple Vulnerabilities	Nessus Network Monitor	Generic	critical
50549	Mac OS X Multiple Vulnerabilities (Security Update 2010-007)	Nessus	MacOS X Local Security Checks	high
50548	Mac OS X 10.6.x < 10.6.5 Multiple Vulnerabilities	Nessus	MacOS X Local Security Checks	critical
5699	Flash Player < 9.0.289 / 10.1.102.64 Multiple Vulnerabilities (APSB10-26)	Nessus Network Monitor	Web Clients	medium
50493	Flash Player < 9.0.289 / 10.1.102.64 Multiple Vulnerabilities (APSB10-26)	Nessus	Windows	high