[Forgot Password]
Login  Register Subscribe

24436

 
 

131815

 
 

115228

 
 

909

 
 

90122

 
 

140

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2010-1297Date: (C)2010-06-08   (M)2018-10-09


Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1024057
SECTRACK-1024058
SECTRACK-1024085
SECTRACK-1024086
EXPLOIT-DB-13787
SECUNIA-40026
SECUNIA-40034
SECUNIA-40144
SECUNIA-40545
BID-40586
BID-40759
SECUNIA-43026
OSVDB-65141
ADV-2010-1348
ADV-2010-1349
ADV-2010-1421
ADV-2010-1432
ADV-2010-1434
ADV-2010-1453
ADV-2010-1482
ADV-2010-1522
ADV-2010-1636
ADV-2010-1793
ADV-2011-0192
APPLE-SA-2010-11-10-1
GLSA-201101-09
HPSBMA02547
RHSA-2010:0464
RHSA-2010:0470
SSRT100179
SUSE-SA:2010:024
SUSE-SR:2010:013
TA10-159A
TA10-162A
TLSA-2010-19
VU#486225
adobe-authplay-code-execution(59137)
http://blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash/
http://community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx
http://support.apple.com/kb/HT4435
http://www.adobe.com/support/security/advisories/apsa10-01.html
http://www.adobe.com/support/security/bulletins/apsb10-14.html
http://www.adobe.com/support/security/bulletins/apsb10-15.html

CPE    48
cpe:/a:adobe:acrobat_reader:9.2
cpe:/a:adobe:acrobat_reader:9.1
cpe:/a:adobe:acrobat_reader:9.0
cpe:/a:adobe:acrobat_reader:9.3
...
OVAL    17
oval:org.secpod.oval:def:4729
oval:org.secpod.oval:def:4727
oval:org.secpod.oval:def:18628
oval:org.secpod.oval:def:400031
...

© SecPod Technologies