Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2010-2164

Summary
Assigner-adobe
Assigner Org ID-078d4453-3bcd-4900-85e6-15281da43538
Published At-15 Jun, 2010 | 17:48
Updated At-07 Aug, 2024 | 02:25
Rejected At-
Credits

Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to an unspecified "image type within a certain function."

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:adobe
Assigner Org ID:078d4453-3bcd-4900-85e6-15281da43538
Published At:15 Jun, 2010 | 17:48
Updated At:07 Aug, 2024 | 02:25
Rejected At:
▼CVE Numbering Authority (CNA)

Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to an unspecified "image type within a certain function."

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2011/0192
vdb-entry
x_refsource_VUPEN
http://www.vupen.com/english/advisories/2010/1421
vdb-entry
x_refsource_VUPEN
http://support.apple.com/kb/HT4435
x_refsource_CONFIRM
http://secunia.com/advisories/40545
third-party-advisory
x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15798
vdb-entry
signature
x_refsource_OVAL
http://www.redhat.com/support/errata/RHSA-2010-0464.html
vendor-advisory
x_refsource_REDHAT
http://www.vupen.com/english/advisories/2010/1793
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/43026
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/1432
vdb-entry
x_refsource_VUPEN
http://security.gentoo.org/glsa/glsa-201101-09.xml
vendor-advisory
x_refsource_GENTOO
http://www.us-cert.gov/cas/techalerts/TA10-162A.html
third-party-advisory
x_refsource_CERT
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=872
third-party-advisory
x_refsource_IDEFENSE
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
vendor-advisory
x_refsource_APPLE
http://www.securityfocus.com/bid/40759
vdb-entry
x_refsource_BID
http://securitytracker.com/id?1024085
vdb-entry
x_refsource_SECTRACK
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
vendor-advisory
x_refsource_SUSE
http://securitytracker.com/id?1024086
vdb-entry
x_refsource_SECTRACK
http://www.vupen.com/english/advisories/2010/1434
vdb-entry
x_refsource_VUPEN
http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt
vendor-advisory
x_refsource_TURBO
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
vendor-advisory
x_refsource_HP
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html
vendor-advisory
x_refsource_SUSE
http://www.adobe.com/support/security/bulletins/apsb10-14.html
x_refsource_CONFIRM
http://secunia.com/advisories/40144
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2010-0470.html
vendor-advisory
x_refsource_REDHAT
http://www.vupen.com/english/advisories/2010/1482
vdb-entry
x_refsource_VUPEN
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
vendor-advisory
x_refsource_HP
http://www.vupen.com/english/advisories/2010/1522
vdb-entry
x_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6765
vdb-entry
signature
x_refsource_OVAL
http://www.securityfocus.com/bid/40780
vdb-entry
x_refsource_BID
http://www.vupen.com/english/advisories/2010/1453
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.vupen.com/english/advisories/2011/0192
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.vupen.com/english/advisories/2010/1421
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://support.apple.com/kb/HT4435
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/40545
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15798
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0464.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.vupen.com/english/advisories/2010/1793
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/43026
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2010/1432
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://security.gentoo.org/glsa/glsa-201101-09.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA10-162A.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=872
Resource:
third-party-advisory
x_refsource_IDEFENSE
Hyperlink: http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://www.securityfocus.com/bid/40759
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://securitytracker.com/id?1024085
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://securitytracker.com/id?1024086
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.vupen.com/english/advisories/2010/1434
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt
Resource:
vendor-advisory
x_refsource_TURBO
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb10-14.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/40144
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0470.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.vupen.com/english/advisories/2010/1482
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.vupen.com/english/advisories/2010/1522
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6765
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.securityfocus.com/bid/40780
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.vupen.com/english/advisories/2010/1453
Resource:
vdb-entry
x_refsource_VUPEN
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2011/0192
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.vupen.com/english/advisories/2010/1421
vdb-entry
x_refsource_VUPEN
x_transferred
http://support.apple.com/kb/HT4435
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/40545
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15798
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0464.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.vupen.com/english/advisories/2010/1793
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/43026
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2010/1432
vdb-entry
x_refsource_VUPEN
x_transferred
http://security.gentoo.org/glsa/glsa-201101-09.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://www.us-cert.gov/cas/techalerts/TA10-162A.html
third-party-advisory
x_refsource_CERT
x_transferred
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=872
third-party-advisory
x_refsource_IDEFENSE
x_transferred
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://www.securityfocus.com/bid/40759
vdb-entry
x_refsource_BID
x_transferred
http://securitytracker.com/id?1024085
vdb-entry
x_refsource_SECTRACK
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://securitytracker.com/id?1024086
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.vupen.com/english/advisories/2010/1434
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt
vendor-advisory
x_refsource_TURBO
x_transferred
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
vendor-advisory
x_refsource_HP
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.adobe.com/support/security/bulletins/apsb10-14.html
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/40144
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0470.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.vupen.com/english/advisories/2010/1482
vdb-entry
x_refsource_VUPEN
x_transferred
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
vendor-advisory
x_refsource_HP
x_transferred
http://www.vupen.com/english/advisories/2010/1522
vdb-entry
x_refsource_VUPEN
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6765
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.securityfocus.com/bid/40780
vdb-entry
x_refsource_BID
x_transferred
http://www.vupen.com/english/advisories/2010/1453
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0192
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/1421
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://support.apple.com/kb/HT4435
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/40545
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15798
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0464.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/1793
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/43026
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/1432
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-201101-09.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA10-162A.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=872
Resource:
third-party-advisory
x_refsource_IDEFENSE
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://www.securityfocus.com/bid/40759
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://securitytracker.com/id?1024085
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://securitytracker.com/id?1024086
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/1434
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt
Resource:
vendor-advisory
x_refsource_TURBO
x_transferred
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb10-14.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/40144
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0470.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/1482
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/1522
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6765
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.securityfocus.com/bid/40780
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/1453
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@adobe.com
Published At:15 Jun, 2010 | 18:00
Updated At:11 Apr, 2025 | 00:51

Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to an unspecified "image type within a certain function."

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.09.3HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Primary2.09.3HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 9.3
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 9.3
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CPE Matches
Adobe Inc.
adobe
>>flash_player>>9.0.16
cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.20
cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.20.0
cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.28
cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.28.0
cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.31
cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.31.0
cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.45.0
cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.47.0
cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.48.0
cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.115.0
cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.124.0
cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.125.0
cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.151.0
cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.152.0
cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.159.0
cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.246.0
cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.260.0
cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>9.0.262.0
cpe:2.3:a:adobe:flash_player:9.0.262.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>Versions up to 10.0.45.2(inclusive)
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>10.0.0.584
cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>10.0.12.10
cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>10.0.12.36
cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>10.0.15.3
cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>10.0.22.87
cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>10.0.32.18
cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>10.0.42.34
cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>6.0.79
cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.0
cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.0.1
cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.0.14.0
cpe:2.3:a:adobe:flash_player:7.0.14.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.0.19.0
cpe:2.3:a:adobe:flash_player:7.0.19.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.0.24.0
cpe:2.3:a:adobe:flash_player:7.0.24.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.0.25
cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.0.53.0
cpe:2.3:a:adobe:flash_player:7.0.53.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.0.60.0
cpe:2.3:a:adobe:flash_player:7.0.60.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.0.61.0
cpe:2.3:a:adobe:flash_player:7.0.61.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.0.63
cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.0.66.0
cpe:2.3:a:adobe:flash_player:7.0.66.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.0.67.0
cpe:2.3:a:adobe:flash_player:7.0.67.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.0.68.0
cpe:2.3:a:adobe:flash_player:7.0.68.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.0.69.0
cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.0.70.0
cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.0.73.0
cpe:2.3:a:adobe:flash_player:7.0.73.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.1
cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.1.1
cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>7.2
cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>8.0
cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>8.0.22.0
cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>8.0.24.0
cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-399Primarynvd@nist.gov
CWE ID: CWE-399
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Per: http://www.adobe.com/support/security/bulletins/apsb10-14.html 'Affected software versions Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris Adobe AIR 1.5.3.9130 and earlier versions for Windows, Macintosh and Linux'

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751psirt@adobe.com
N/A
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751psirt@adobe.com
N/A
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=872psirt@adobe.com
N/A
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.htmlpsirt@adobe.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.htmlpsirt@adobe.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.htmlpsirt@adobe.com
N/A
http://secunia.com/advisories/40144psirt@adobe.com
Vendor Advisory
http://secunia.com/advisories/40545psirt@adobe.com
Vendor Advisory
http://secunia.com/advisories/43026psirt@adobe.com
Vendor Advisory
http://security.gentoo.org/glsa/glsa-201101-09.xmlpsirt@adobe.com
N/A
http://securitytracker.com/id?1024085psirt@adobe.com
N/A
http://securitytracker.com/id?1024086psirt@adobe.com
N/A
http://support.apple.com/kb/HT4435psirt@adobe.com
N/A
http://www.adobe.com/support/security/bulletins/apsb10-14.htmlpsirt@adobe.com
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2010-0464.htmlpsirt@adobe.com
N/A
http://www.redhat.com/support/errata/RHSA-2010-0470.htmlpsirt@adobe.com
N/A
http://www.securityfocus.com/bid/40759psirt@adobe.com
N/A
http://www.securityfocus.com/bid/40780psirt@adobe.com
N/A
http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txtpsirt@adobe.com
N/A
http://www.us-cert.gov/cas/techalerts/TA10-162A.htmlpsirt@adobe.com
US Government Resource
http://www.vupen.com/english/advisories/2010/1421psirt@adobe.com
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1432psirt@adobe.com
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1434psirt@adobe.com
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1453psirt@adobe.com
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1482psirt@adobe.com
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1522psirt@adobe.com
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1793psirt@adobe.com
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0192psirt@adobe.com
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15798psirt@adobe.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6765psirt@adobe.com
N/A
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751af854a3a-2127-422b-91ae-364da2661108
N/A
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751af854a3a-2127-422b-91ae-364da2661108
N/A
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=872af854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/40144af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/40545af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/43026af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://security.gentoo.org/glsa/glsa-201101-09.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://securitytracker.com/id?1024085af854a3a-2127-422b-91ae-364da2661108
N/A
http://securitytracker.com/id?1024086af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.apple.com/kb/HT4435af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.adobe.com/support/security/bulletins/apsb10-14.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2010-0464.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2010-0470.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/40759af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/40780af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txtaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.us-cert.gov/cas/techalerts/TA10-162A.htmlaf854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.vupen.com/english/advisories/2010/1421af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1432af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1434af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1453af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1482af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1522af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1793af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2011/0192af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15798af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6765af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
Source: psirt@adobe.com
Resource: N/A
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
Source: psirt@adobe.com
Resource: N/A
Hyperlink: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=872
Source: psirt@adobe.com
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
Source: psirt@adobe.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html
Source: psirt@adobe.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
Source: psirt@adobe.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/40144
Source: psirt@adobe.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/40545
Source: psirt@adobe.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/43026
Source: psirt@adobe.com
Resource:
Vendor Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-201101-09.xml
Source: psirt@adobe.com
Resource: N/A
Hyperlink: http://securitytracker.com/id?1024085
Source: psirt@adobe.com
Resource: N/A
Hyperlink: http://securitytracker.com/id?1024086
Source: psirt@adobe.com
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT4435
Source: psirt@adobe.com
Resource: N/A
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb10-14.html
Source: psirt@adobe.com
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0464.html
Source: psirt@adobe.com
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0470.html
Source: psirt@adobe.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/40759
Source: psirt@adobe.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/40780
Source: psirt@adobe.com
Resource: N/A
Hyperlink: http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt
Source: psirt@adobe.com
Resource: N/A
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA10-162A.html
Source: psirt@adobe.com
Resource:
US Government Resource
Hyperlink: http://www.vupen.com/english/advisories/2010/1421
Source: psirt@adobe.com
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1432
Source: psirt@adobe.com
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1434
Source: psirt@adobe.com
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1453
Source: psirt@adobe.com
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1482
Source: psirt@adobe.com
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1522
Source: psirt@adobe.com
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1793
Source: psirt@adobe.com
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2011/0192
Source: psirt@adobe.com
Resource:
Vendor Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15798
Source: psirt@adobe.com
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6765
Source: psirt@adobe.com
Resource: N/A
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=872
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/40144
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/40545
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/43026
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-201101-09.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securitytracker.com/id?1024085
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securitytracker.com/id?1024086
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT4435
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb10-14.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0464.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0470.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/40759
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/40780
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA10-162A.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.vupen.com/english/advisories/2010/1421
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1432
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1434
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1453
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1482
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1522
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1793
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2011/0192
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15798
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6765
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1343Records found
CVE-2022-24097
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-0.61% / 68.88%
||
7 Day CHG~0.00%
Published-11 Mar, 2022 | 17:54
Updated-23 Apr, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe After Effects Out-of-bounds Write could lead to Arbitrary code execution

Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Adobe Inc.Apple Inc.Microsoft Corporation
Product-windowsmacosafter_effectsAfter Effects
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-0594
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-9.93% / 92.72%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-0572
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-2.57% / 84.97%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0611
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-93.70% / 99.84%
||
7 Day CHG~0.00%
Published-13 Apr, 2011 | 14:00
Updated-30 Jul, 2025 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||The impacted product is end-of-life and should be disconnected if still in use.

Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a "group of included constants," object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011.

Action-Not Available
Vendor-n/aAdobe Inc.Oracle CorporationMicrosoft CorporationSUSEApple Inc.Linux Kernel Organization, IncGoogle LLCopenSUSE
Product-linux_kernelchrome_oswindowsacrobat_readeropensusesolarisacrobatflash_playerandroidadobe_airchromelinux_enterprise_desktopmac_os_xn/areaderflash_playeracrobatairFlash Player
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2011-0566
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-7.75% / 91.57%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0567 and CVE-2011-0603.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0596
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-11.48% / 93.33%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Bitmap parsing component in 2d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via an image with crafted (1) height and (2) width values for an RLE_8 compressed bitmap, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-0598, CVE-2011-0599, and CVE-2011-0602.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-0561
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-12.48% / 93.66%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0585
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-1.73% / 81.68%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0565.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CVE-2011-0602
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-9.93% / 92.72%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via crafted JP2K record types in a JPEG2000 image in a PDF file, which causes heap corruption, a different vulnerability than CVE-2011-0596, CVE-2011-0598, and CVE-2011-0599.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-0590
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-8.53% / 92.01%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file, a different vulnerability than CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-0609
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-92.40% / 99.72%
||
7 Day CHG~0.00%
Published-15 Mar, 2011 | 17:00
Updated-30 Jul, 2025 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-06-22||The impacted product is end-of-life and should be disconnected if still in use.

Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.

Action-Not Available
Vendor-n/aAdobe Inc.Oracle CorporationMicrosoft CorporationSUSEApple Inc.Linux Kernel Organization, IncGoogle LLCopenSUSE
Product-linux_kernelairwindowsacrobat_readeropensusesolarisacrobatflash_playerandroidlinux_enterprisechrome_oschromemacosmac_os_xn/aFlash Player
CVE-2011-0564
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-1.20% / 78.05%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows use weak permissions for unspecified files, which allows attackers to gain privileges via unknown vectors.

Action-Not Available
Vendor-n/aAdobe Inc.Microsoft Corporation
Product-windowsacrobat_readeracrobatn/a
CVE-2011-0319
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-1.53% / 80.59%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-24418
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-1.18% / 77.88%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 20:18
Updated-16 Sep, 2024 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe After Effects Out-of-Bounds Read Vulnerability

Adobe After Effects version 17.1.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted .aepx file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. This vulnerability requires user interaction to exploit.

Action-Not Available
Vendor-Microsoft CorporationAdobe Inc.
Product-windowsafter_effectsAfter Effects
CWE ID-CWE-125
Out-of-bounds Read
CVE-2011-0318
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-1.53% / 80.59%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0563
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-5.80% / 90.16%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0589 and CVE-2011-0606.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0556
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-4.33% / 88.47%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PFR1 chunk that leads to an unexpected sign extension and an invalid pointer dereference, a different vulnerability than CVE-2011-0569.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0595
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-12.04% / 93.52%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0600.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-0335
Matching Score-8
Assigner-Flexera Software LLC
ShareView Details
Matching Score-8
Assigner-Flexera Software LLC
CVSS Score-9.3||HIGH
EPSS-3.63% / 87.36%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-2119, and CVE-2011-2122.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-4187
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-4.84% / 89.12%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed chunk in a Director file, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-4090
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-6.13% / 90.43%
||
7 Day CHG~0.00%
Published-29 Oct, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-4190
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-4.33% / 88.47%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted CSWV RIFF chunk that causes an incorrect calculation of an offset for a substructure, which causes an out-of-bounds "seek" of heap memory, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-24092
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-11.45% / 93.32%
||
7 Day CHG~0.00%
Published-18 Mar, 2022 | 17:59
Updated-17 Sep, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious font file.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcacrobat_readeracrobatacrobat_reader_dcwindowsmacosAcrobat Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2010-4189
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-4.33% / 88.47%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie containing a GIF image with a crafted global color table size value, which causes an out-of-range pointer offset.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-4191
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-4.95% / 89.24%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4192, and CVE-2010-4306.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3975
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-6.33% / 90.59%
||
7 Day CHG~0.00%
Published-19 Oct, 2010 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Untrusted search path vulnerability in Adobe Flash Player 9 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse schannel.dll that is located in the same folder as a file that is processed by Flash.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CVE-2010-4307
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-8.39% / 91.94%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-4088
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-6.18% / 90.46%
||
7 Day CHG~0.00%
Published-29 Oct, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a .dir file with "duplicated references to the same KEY* chunk," a different vulnerability than CVE-2010-2581, CVE-2010-4084, CVE-2010-4085, and CVE-2010-4086.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3976
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-10.04% / 92.77%
||
7 Day CHG~0.00%
Published-19 Oct, 2010 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Untrusted search path vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a file that is processed by Flash Player.

Action-Not Available
Vendor-n/aAdobe Inc.Microsoft Corporation
Product-windowsflash_playern/a
CVE-2010-4194
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-13.25% / 93.89%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-4195
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-13.25% / 93.89%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TextXtra module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-4196
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-13.25% / 93.89%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Shockwave 3d Asset module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-4188
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-7.09% / 91.15%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with an IFWV chunk with a size field of 0, which is used in the calculation of a file offset and causes invalid data to be used as a loop counter, triggering a heap-based buffer overflow, a different vulnerability than CVE-2010-2587 and CVE-2010-2588.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-4092
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-4.00% / 87.96%
||
7 Day CHG~0.00%
Published-05 Nov, 2010 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in an unspecified compatibility component in Adobe Shockwave Player before 11.5.9.620 allows user-assisted remote attackers to execute arbitrary code via a crafted web site, related to the Shockwave Settings window and an unloaded library. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CVE-2010-4091
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-28.24% / 96.32%
||
7 Day CHG~0.00%
Published-07 Nov, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-4087
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-8.37% / 91.94%
||
7 Day CHG~0.00%
Published-29 Oct, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a .dir file with a crafted mmap record containing an invalid length of a VSWV entry, a different vulnerability than CVE-2010-4089.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-4089
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-8.37% / 91.94%
||
7 Day CHG~0.00%
Published-29 Oct, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a .dir file containing "duplicated LCSM entries in mmap record," a different vulnerability than CVE-2010-4087.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-4192
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-4.33% / 88.47%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted 3D Assets 0xFFFFFF88 type record that triggers an incorrect memory allocation, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, and CVE-2010-4306.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-23205
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-3.96% / 87.91%
||
7 Day CHG~0.00%
Published-06 May, 2022 | 17:02
Updated-23 Apr, 2025 | 18:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Adobe Inc.Apple Inc.Microsoft Corporation
Product-windowsphotoshopmacosPhotoshop
CWE ID-CWE-787
Out-of-bounds Write
CVE-2010-4093
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-8.02% / 91.74%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0555, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, CVE-2010-4192, and CVE-2010-4306.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-4306
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-4.95% / 89.24%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0555, CVE-2010-4093, CVE-2010-4187, CVE-2010-4190, CVE-2010-4191, and CVE-2010-4192.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-4085
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-6.13% / 90.43%
||
7 Day CHG~0.00%
Published-29 Oct, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2581, CVE-2010-4084, CVE-2010-4086, and CVE-2010-4088.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-4086
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-6.18% / 90.46%
||
7 Day CHG~0.00%
Published-29 Oct, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Director (.dir) media file with an invalid element size, a different vulnerability than CVE-2010-2581, CVE-2010-2880, CVE-2010-4084, CVE-2010-4085, and CVE-2010-4088.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-2870
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-8.31% / 91.91%
||
7 Day CHG~0.00%
Published-26 Aug, 2010 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly validate a certain chunk size in the mmap chunk in a Director movie, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-2873
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-11.05% / 93.16%
||
7 Day CHG~0.00%
Published-26 Aug, 2010 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.8.612 does not properly validate offset values in the rcsL RIFF chunks of (1) .DIR and (2) .DCR Director movies, which allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted movie.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-3632
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-5.97% / 90.31%
||
7 Day CHG~0.00%
Published-06 Oct, 2010 | 16:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3658.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-acrobat_readeracrobatn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3654
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-93.57% / 99.83%
||
7 Day CHG~0.00%
Published-29 Oct, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.

Action-Not Available
Vendor-n/aMicrosoft CorporationLinux Kernel Organization, IncGoogle LLCOracle CorporationMacromedia, Inc.Apple Inc.Adobe Inc.
Product-linux_kernelwindowsacrobat_readersolarisacrobatflash_playerandroidmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3152
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-5.91% / 90.26%
||
7 Day CHG~0.00%
Published-27 Aug, 2010 | 18:10
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Untrusted search path vulnerability in Adobe Illustrator CS4 14.0.0, CS5 15.0.1 and earlier, and possibly other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll or aires.dll that is located in the same folder as an .ait or .eps file.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-illustratorn/a
CVE-2010-2871
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-14.29% / 94.14%
||
7 Day CHG~0.00%
Published-26 Aug, 2010 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the 3D object functionality in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted size value in a 0xFFFFFF45 RIFF record in a Director movie.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CVE-2010-2862
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-41.94% / 97.34%
||
7 Day CHG~0.00%
Published-05 Aug, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote attackers to execute arbitrary code via a TrueType font with a large maxCompositePoints value in a Maximum Profile (maxp) table.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-acrobat_readeracrobatn/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 26
  • 27
  • Next
Details not found