CVE-2010-3641

Executive Summary

Informations
Name	CVE-2010-3641	First vendor Publication	2010-11-07
Vendor	Cve	Last vendor Modification	2011-07-18

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3641

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:16161

Oval ID:	oval:org.mitre.oval:def:16161
Title:	Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description:	Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-3641	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player
Definition Synopsis:
Adobe Flash Player is Installed AND Flash version is before 9.0.289.0 or 10.x before 10.1.102.64 Version of Adobe Flash Player is less than 9.0.289.0 OR Adobe Flash Player 10.x before 10.1.102.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.102.64

Definition Id: oval:org.mitre.oval:def:12154

Oval ID:	oval:org.mitre.oval:def:12154
Title:	Unspecified vulnerability which allows attackers to cause a denial of service or possibly execute arbitrary code in Adobe Flash Player version less than 9.0.289.0 and 10.x less than 10.1.102.64
Description:	Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-3641	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7	Product(s):	Adobe Flash Player
Definition Synopsis:
Check if Adobe Flash Player is installed and version is less than 9.0.289.0 Adobe Flash Player is installed AND Check if Adobe Flash Player version less than 9.0.289.0 OR Check if Adobe Flash Player 10 is installed and version is less than 10.1.102.64 Check if Adobe Flash Player version less than 10.1.102.64 AND Adobe Flash Player 10 is installed

CPE : Common Platform Enumeration

Type	Description	Count
Application	Adobe Flash Player cpe:/a:adobe:flash_player:10.1.95.2 cpe:/a:adobe:flash_player:10.1.95.1 cpe:/a:adobe:flash_player:10.1.92.8 cpe:/a:adobe:flash_player:10.1.92.10 cpe:/a:adobe:flash_player:10.1.85.3 cpe:/a:adobe:flash_player:10.1.82.76 cpe:/a:adobe:flash_player:10.1.53.64 cpe:/a:adobe:flash_player:10.1.52.15 cpe:/a:adobe:flash_player:10.1.52.14.1 cpe:/a:adobe:flash_player:10.0.45.2 cpe:/a:adobe:flash_player:10.0.42.34 cpe:/a:adobe:flash_player:10.0.32.18 cpe:/a:adobe:flash_player:10.0.22.87 cpe:/a:adobe:flash_player:10.0.15.3 cpe:/a:adobe:flash_player:10.0.12.36 cpe:/a:adobe:flash_player:10.0.12.10 cpe:/a:adobe:flash_player:10.0.0.584 cpe:/a:adobe:flash_player:9.0.48.0 cpe:/a:adobe:flash_player:9.0.47.0 cpe:/a:adobe:flash_player:9.0.45.0 cpe:/a:adobe:flash_player:9.0.31.0 cpe:/a:adobe:flash_player:9.0.31 cpe:/a:adobe:flash_player:9.0.28.0 cpe:/a:adobe:flash_player:9.0.28 cpe:/a:adobe:flash_player:9.0.277.0 cpe:/a:adobe:flash_player:9.0.262.0 cpe:/a:adobe:flash_player:9.0.260.0 cpe:/a:adobe:flash_player:9.0.246.0 cpe:/a:adobe:flash_player:9.0.20.0 cpe:/a:adobe:flash_player:9.0.20 cpe:/a:adobe:flash_player:9.0.18d60 cpe:/a:adobe:flash_player:9.0.16 cpe:/a:adobe:flash_player:9.0.159.0 cpe:/a:adobe:flash_player:9.0.155.0 cpe:/a:adobe:flash_player:9.0.152.0 cpe:/a:adobe:flash_player:9.0.151.0 cpe:/a:adobe:flash_player:9.0.125.0 cpe:/a:adobe:flash_player:9.0.124.0 cpe:/a:adobe:flash_player:9.0.115.0 cpe:/a:adobe:flash_player:9.0.114.0 cpe:/a:adobe:flash_player:9.0.112.0	41

Open Source Vulnerability Database (OSVDB)

id	Description
69131	Adobe Flash Unspecified Memory Corruption (2010-3641)

Internal Sources (Detail)

Source	Url
APPLE	http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
BID	http://www.securityfocus.com/bid/44677
CONFIRM	http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1 http://support.apple.com/kb/HT4435 http://www.adobe.com/support/security/bulletins/apsb10-26.html
GENTOO	http://security.gentoo.org/glsa/glsa-201101-09.xml
HP	http://marc.info/?l=bugtraq&m=130331642631603&w=2 http://marc.info/?l=bugtraq&m=130331642631603&w=2
REDHAT	http://www.redhat.com/support/errata/RHSA-2010-0829.html http://www.redhat.com/support/errata/RHSA-2010-0834.html http://www.redhat.com/support/errata/RHSA-2010-0867.html
SECUNIA	http://secunia.com/advisories/42183 http://secunia.com/advisories/42926 http://secunia.com/advisories/43026
SUSE	http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html
VUPEN	http://www.vupen.com/english/advisories/2010/2903 http://www.vupen.com/english/advisories/2010/2906 http://www.vupen.com/english/advisories/2010/2918 http://www.vupen.com/english/advisories/2011/0173 http://www.vupen.com/english/advisories/2011/0192

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-05-10 23:33:49	Multiple Updates

Type	Count
Oval ID(s)	2
CPE ID(s)	41
osvdb(s)	1

Related	Severity
RHSA-2010:0867	(Critical)
RHSA-2010:0834	(Critical)
RHSA-2010:0829	(Critical)
HPSBMA02663 SSR...	(Critical)
GLSA-201101-09	(Critical)

Same Subject	Severity
Login to view 59 more Alert(s)

CVE-2010-3641

Executive Summary

Security-Database Scoring CVSS v2

Detail

Original Source

OVAL Definitions

CPE : Common Platform Enumeration

Open Source Vulnerability Database (OSVDB)

Internal Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU