9.3
CVSSv2

CVE-2010-2170

Published: 15/06/2010 Updated: 30/10/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Integer overflow in Adobe Flash Player prior to 9.0.277.0 and 10.x prior to 10.1.53.64, and Adobe AIR prior to 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2181 and CVE-2010-2183.

Affected Products

Vendor Product Versions
AdobeAir1.0, 1.1, 1.5, 1.5.1, 1.5.2, 1.5.3, 1.5.3.9130
AdobeFlash Player6.0.79, 7.0, 7.0.1, 7.0.14.0, 7.0.19.0, 7.0.24.0, 7.0.25, 7.0.53.0, 7.0.60.0, 7.0.61.0, 7.0.63, 7.0.66.0, 7.0.67.0, 7.0.68.0, 7.0.69.0, 7.0.70.0, 7.0.73.0, 7.1, 7.1.1, 7.2, 8.0, 8.0.22.0, 8.0.24.0, 8.0.33.0, 8.0.34.0, 8.0.35.0, 8.0.39.0, 8.0.42.0, 9.0.16, 9.0.20, 9.0.20.0, 9.0.28, 9.0.28.0, 9.0.31, 9.0.31.0, 9.0.45.0, 9.0.47.0, 9.0.48.0, 9.0.115.0, 9.0.124.0, 9.0.125.0, 9.0.151.0, 9.0.152.0, 9.0.159.0, 9.0.246.0, 9.0.260.0, 9.0.262.0, 10.0.0.584, 10.0.12.10, 10.0.12.36, 10.0.15.3, 10.0.22.87, 10.0.32.18, 10.0.42.34, 10.0.45.2
MacromediaFlash Player5.0, 5.0.30.0, 5.0.41.0, 5.0.42.0, 5.0.58.0

References

CWE-189http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.htmlhttp://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.htmlhttp://secunia.com/advisories/40144http://secunia.com/advisories/40545http://secunia.com/advisories/43026http://security.gentoo.org/glsa/glsa-201101-09.xmlhttp://securitytracker.com/id?1024085http://securitytracker.com/id?1024086http://support.apple.com/kb/HT4435http://www.adobe.com/support/security/bulletins/apsb10-14.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0464.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0470.htmlhttp://www.securityfocus.com/bid/40759http://www.securityfocus.com/bid/40789http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txthttp://www.us-cert.gov/cas/techalerts/TA10-162A.htmlhttp://www.vupen.com/english/advisories/2010/1421http://www.vupen.com/english/advisories/2010/1432http://www.vupen.com/english/advisories/2010/1434http://www.vupen.com/english/advisories/2010/1453http://www.vupen.com/english/advisories/2010/1482http://www.vupen.com/english/advisories/2010/1522http://www.vupen.com/english/advisories/2010/1793http://www.vupen.com/english/advisories/2011/0192https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16348https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6766https://nvd.nist.govhttps://www.securityfocus.com/bid/40789https://www.rapid7.com/db/vulnerabilities/hpsim-cve-2010-2183