Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title flash-plugin security update
Informations
Name RHSA-2010:0464 First vendor Publication 2010-06-11
Vendor RedHat Last vendor Modification 2010-06-11
Severity (Vendor) Critical Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 Supplementary.

The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

RHEL Desktop Supplementary (v. 5 client) - i386, x86_64 RHEL Supplementary (v. 5 server) - i386, x86_64

3. Description:

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.

This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security pages APSA10-01 and APSB10-14, listed in the References section.

Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content. (CVE-2009-3793, CVE-2010-1297, CVE-2010-2160, CVE-2010-2161, CVE-2010-2162, CVE-2010-2163, CVE-2010-2164, CVE-2010-2165, CVE-2010-2166, CVE-2010-2167, CVE-2010-2169, CVE-2010-2170, CVE-2010-2171, CVE-2010-2173, CVE-2010-2174, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2181, CVE-2010-2182, CVE-2010-2183, CVE-2010-2184, CVE-2010-2185, CVE-2010-2186, CVE-2010-2187, CVE-2010-2188)

An input sanitization flaw was found in the way flash-plugin processed certain URLs. An attacker could use this flaw to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially-crafted web page. (CVE-2010-2179)

A denial of service flaw was found in the way flash-plugin processed certain SWF content. An attacker could use this flaw to create a specially-crafted SWF file that would cause flash-plugin to crash. (CVE-2008-4546)

All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.1.53.64.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

467082 - CVE-2008-4546 flash-plugin: crash caused by SWF files with different SWF versions obtained from the same URL 600692 - CVE-2010-1297 acroread, flash-plugin: Arbitrary code execution by opening a specially-crafted PDF file with malicious SWF content (APSA10-01) 602847 - flash-plugin: multiple security flaws (APSB10-14)

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2010-0464.html

CWE : Common Weakness Enumeration

% Id Name
66 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
10 % CWE-399 Resource Management Errors
10 % CWE-189 Numeric Errors (CWE/SANS Top 25)
10 % CWE-94 Failure to Control Generation of Code ('Code Injection')
3 % CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15360
 
Oval ID: oval:org.mitre.oval:def:15360
Title: Adobe Flash Player Invalid Pointer Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newfunction (0x44) operator, a different vulnerability than CVE-2010-2173.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2174
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15437
 
Oval ID: oval:org.mitre.oval:def:15437
Title: Adobe Flash Player Multiple Heap Overflow Vulnerabilities
Description: Multiple heap-based buffer overflows in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to malformed (1) GIF or (2) JPEG data.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2167
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15525
 
Oval ID: oval:org.mitre.oval:def:15525
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2175
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15541
 
Oval ID: oval:org.mitre.oval:def:15541
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2166
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15576
 
Oval ID: oval:org.mitre.oval:def:15576
Title: Adobe Flash Player Out Of Bounds Memory Indexing Vulnerability
Description: Array index error in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified "types of Adobe Flash code."
Family: macos Class: vulnerability
Reference(s): CVE-2010-2161
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15719
 
Oval ID: oval:org.mitre.oval:def:15719
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2176
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15798
 
Oval ID: oval:org.mitre.oval:def:15798
Title: Adobe Flash Player Use-After-Free Vulnerability
Description: Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to an unspecified "image type within a certain function."
Family: macos Class: vulnerability
Reference(s): CVE-2010-2164
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15920
 
Oval ID: oval:org.mitre.oval:def:15920
Title: Adobe Flash Player Integer Overflow Vulnerability
Description: Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2181.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2183
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15937
 
Oval ID: oval:org.mitre.oval:def:15937
Title: Adobe Flash Player Integer Overflow Vulnerability
Description: Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2183.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2181
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15965
 
Oval ID: oval:org.mitre.oval:def:15965
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2177
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16022
 
Oval ID: oval:org.mitre.oval:def:16022
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2178
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16029
 
Oval ID: oval:org.mitre.oval:def:16029
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2187, and CVE-2010-2188.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2184
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16052
 
Oval ID: oval:org.mitre.oval:def:16052
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2180
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16056
 
Oval ID: oval:org.mitre.oval:def:16056
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2188.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2187
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16083
 
Oval ID: oval:org.mitre.oval:def:16083
Title: Adobe Flash Player Memory Exhaustion Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an invalid offset in an unspecified undocumented opcode in ActionScript Virtual Machine 2, related to getouterscope, a different vulnerability than CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2160
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16090
 
Oval ID: oval:org.mitre.oval:def:16090
Title: Adobe Flash Player Buffer Overflow Vulnerability
Description: Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2185
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16223
 
Oval ID: oval:org.mitre.oval:def:16223
Title: Adobe Flash Player Memory Exhaustion Vulnerability
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory consumption) or possibly execute arbitrary code via unknown vectors.
Family: macos Class: vulnerability
Reference(s): CVE-2009-3793
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16225
 
Oval ID: oval:org.mitre.oval:def:16225
Title: Adobe Flash Player Pointer Memory Corruption
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allow attackers to cause a denial of service (pointer memory corruption) or possibly execute arbitrary code via unspecified vectors.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2169
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16261
 
Oval ID: oval:org.mitre.oval:def:16261
Title: Adobe Flash Player Invalid Pointer Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newclass (0x58) operator, a different vulnerability than CVE-2010-2174.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2173
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16271
 
Oval ID: oval:org.mitre.oval:def:16271
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by calling the ActionScript native object 2200 connect method multiple times with different arguments, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2187.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2188
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16283
 
Oval ID: oval:org.mitre.oval:def:16283
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2182
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16285
 
Oval ID: oval:org.mitre.oval:def:16285
Title: Adobe Flash Player Denial of Service Vulnerability
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2186
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16302
 
Oval ID: oval:org.mitre.oval:def:16302
Title: Adobe Flash Player SWF Version Null Pointer Dereference Denial of Service Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows remote web servers to cause a denial of service (NULL pointer dereference and browser crash) by returning a different response when an HTTP request is sent a second time, as demonstrated by two responses that provide SWF files with different SWF version numbers.
Family: macos Class: vulnerability
Reference(s): CVE-2008-4546
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16316
 
Oval ID: oval:org.mitre.oval:def:16316
Title: Adobe Flash Player Multiple Vulnerabilities that could lead to code execution
Description: Multiple unspecified vulnerabilities in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unknown vectors.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2163
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16341
 
Oval ID: oval:org.mitre.oval:def:16341
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors related to SWF files, decompression of embedded JPEG image data, and the DefineBits and other unspecified tags, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2171
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16345
 
Oval ID: oval:org.mitre.oval:def:16345
Title: Adobe Flash Player Heap Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors related to improper length calculation and the (1) STSC, (2) STSZ, and (3) STCO atoms.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2162
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16348
 
Oval ID: oval:org.mitre.oval:def:16348
Title: Adobe Flash Player Integer Overflow Vulnerability
Description: Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2181 and CVE-2010-2183.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2170
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:16350
 
Oval ID: oval:org.mitre.oval:def:16350
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: macos Class: vulnerability
Reference(s): CVE-2010-2165
Version: 3
Platform(s): Apple Mac OS X
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22053
 
Oval ID: oval:org.mitre.oval:def:22053
Title: RHSA-2010:0464: flash-plugin security update (Critical)
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by calling the ActionScript native object 2200 connect method multiple times with different arguments, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2187.
Family: unix Class: patch
Reference(s): RHSA-2010:0464-01
CVE-2008-4546
CVE-2009-3793
CVE-2010-1297
CVE-2010-2160
CVE-2010-2161
CVE-2010-2162
CVE-2010-2163
CVE-2010-2164
CVE-2010-2165
CVE-2010-2166
CVE-2010-2167
CVE-2010-2169
CVE-2010-2170
CVE-2010-2171
CVE-2010-2173
CVE-2010-2174
CVE-2010-2175
CVE-2010-2176
CVE-2010-2177
CVE-2010-2178
CVE-2010-2179
CVE-2010-2180
CVE-2010-2181
CVE-2010-2182
CVE-2010-2183
CVE-2010-2184
CVE-2010-2185
CVE-2010-2186
CVE-2010-2187
CVE-2010-2188
Version: 393
Platform(s): Red Hat Enterprise Linux 5
Product(s): flash-plugin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22997
 
Oval ID: oval:org.mitre.oval:def:22997
Title: ELSA-2010:0464: flash-plugin security update (Critical)
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by calling the ActionScript native object 2200 connect method multiple times with different arguments, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2187.
Family: unix Class: patch
Reference(s): ELSA-2010:0464-01
CVE-2008-4546
CVE-2009-3793
CVE-2010-1297
CVE-2010-2160
CVE-2010-2161
CVE-2010-2162
CVE-2010-2163
CVE-2010-2164
CVE-2010-2165
CVE-2010-2166
CVE-2010-2167
CVE-2010-2169
CVE-2010-2170
CVE-2010-2171
CVE-2010-2173
CVE-2010-2174
CVE-2010-2175
CVE-2010-2176
CVE-2010-2177
CVE-2010-2178
CVE-2010-2179
CVE-2010-2180
CVE-2010-2181
CVE-2010-2182
CVE-2010-2183
CVE-2010-2184
CVE-2010-2185
CVE-2010-2186
CVE-2010-2187
CVE-2010-2188
Version: 125
Platform(s): Oracle Linux 5
Product(s): flash-plugin
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6758
 
Oval ID: oval:org.mitre.oval:def:6758
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2182
Version: 17
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6762
 
Oval ID: oval:org.mitre.oval:def:6762
Title: Adobe Flash Player Invalid Pointer Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newclass (0x58) operator, a different vulnerability than CVE-2010-2174.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2173
Version: 17
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6765
 
Oval ID: oval:org.mitre.oval:def:6765
Title: Adobe Flash Player Use-After-Free Vulnerability
Description: Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to an unspecified "image type within a certain function."
Family: windows Class: vulnerability
Reference(s): CVE-2010-2164
Version: 17
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6766
 
Oval ID: oval:org.mitre.oval:def:6766
Title: Adobe Flash Player Integer Overflow Vulnerability
Description: Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2181 and CVE-2010-2183.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2170
Version: 17
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6781
 
Oval ID: oval:org.mitre.oval:def:6781
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2165
Version: 17
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6903
 
Oval ID: oval:org.mitre.oval:def:6903
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2175
Version: 17
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6946
 
Oval ID: oval:org.mitre.oval:def:6946
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by calling the ActionScript native object 2200 connect method multiple times with different arguments, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2187.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2188
Version: 18
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:6999
 
Oval ID: oval:org.mitre.oval:def:6999
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors related to SWF files, decompression of embedded JPEG image data, and the DefineBits and other unspecified tags, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2171
Version: 18
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7014
 
Oval ID: oval:org.mitre.oval:def:7014
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2180
Version: 18
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7096
 
Oval ID: oval:org.mitre.oval:def:7096
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2177
Version: 18
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7116
 
Oval ID: oval:org.mitre.oval:def:7116
Title: Adobe Flash Player, Acrobat Reader, and Acrobat 'authplay.dll' Remote Code Execution Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.
Family: windows Class: vulnerability
Reference(s): CVE-2010-1297
Version: 30
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe Reader
Adobe Acrobat
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7118
 
Oval ID: oval:org.mitre.oval:def:7118
Title: Adobe Flash Player Denial of Service Vulnerability
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2186
Version: 18
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7126
 
Oval ID: oval:org.mitre.oval:def:7126
Title: Adobe Flash Player URL Parsing Vulnerability that could lead to cross-site scripting (Firefox and Chrome browsers only)
Description: Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2179
Version: 21
Platform(s): Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Google Chrome
Mozilla Firefox
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7166
 
Oval ID: oval:org.mitre.oval:def:7166
Title: Adobe Flash Player Heap Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors related to improper length calculation and the (1) STSC, (2) STSZ, and (3) STCO atoms.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2162
Version: 18
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7187
 
Oval ID: oval:org.mitre.oval:def:7187
Title: Adobe Flash Player SWF Version Null Pointer Dereference Denial of Service Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows remote web servers to cause a denial of service (NULL pointer dereference and browser crash) by returning a different response when an HTTP request is sent a second time, as demonstrated by two responses that provide SWF files with different SWF version numbers.
Family: windows Class: vulnerability
Reference(s): CVE-2008-4546
Version: 18
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7205
 
Oval ID: oval:org.mitre.oval:def:7205
Title: Adobe Flash Player Memory Exhaustion Vulnerability
Description: Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory consumption) or possibly execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2009-3793
Version: 18
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7266
 
Oval ID: oval:org.mitre.oval:def:7266
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2188.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2187
Version: 18
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7276
 
Oval ID: oval:org.mitre.oval:def:7276
Title: Adobe Flash Player Pointer Memory Corruption
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allow attackers to cause a denial of service (pointer memory corruption) or possibly execute arbitrary code via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2169
Version: 18
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7278
 
Oval ID: oval:org.mitre.oval:def:7278
Title: Adobe Flash Player Integer Overflow Vulnerability
Description: Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2181.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2183
Version: 18
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7303
 
Oval ID: oval:org.mitre.oval:def:7303
Title: Adobe Flash Player Out Of Bounds Memory Indexing Vulnerability
Description: Array index error in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified "types of Adobe Flash code."
Family: windows Class: vulnerability
Reference(s): CVE-2010-2161
Version: 18
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7334
 
Oval ID: oval:org.mitre.oval:def:7334
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2187, and CVE-2010-2188.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2184
Version: 18
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7342
 
Oval ID: oval:org.mitre.oval:def:7342
Title: Adobe Flash Player Integer Overflow Vulnerability
Description: Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2183.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2181
Version: 18
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7364
 
Oval ID: oval:org.mitre.oval:def:7364
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2178
Version: 18
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7415
 
Oval ID: oval:org.mitre.oval:def:7415
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2176
Version: 18
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7431
 
Oval ID: oval:org.mitre.oval:def:7431
Title: Adobe Flash Player Memory Corruption Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2166
Version: 18
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7491
 
Oval ID: oval:org.mitre.oval:def:7491
Title: Adobe Flash Player Multiple Heap Overflow Vulnerabilities
Description: Multiple heap-based buffer overflows in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to malformed (1) GIF or (2) JPEG data.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2167
Version: 18
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7501
 
Oval ID: oval:org.mitre.oval:def:7501
Title: Adobe Flash Player Multiple Vulnerabilities that could lead to code execution
Description: Multiple unspecified vulnerabilities in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unknown vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2163
Version: 18
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7508
 
Oval ID: oval:org.mitre.oval:def:7508
Title: Adobe Flash Player Memory Exhaustion Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an invalid offset in an unspecified undocumented opcode in ActionScript Virtual Machine 2, related to getouterscope, a different vulnerability than CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2160
Version: 18
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7528
 
Oval ID: oval:org.mitre.oval:def:7528
Title: Adobe Flash Player Invalid Pointer Vulnerability
Description: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newfunction (0x44) operator, a different vulnerability than CVE-2010-2173.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2174
Version: 18
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7577
 
Oval ID: oval:org.mitre.oval:def:7577
Title: Adobe Flash Player Buffer Overflow Vulnerability
Description: Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors.
Family: windows Class: vulnerability
Reference(s): CVE-2010-2185
Version: 18
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows Server 2012
Microsoft Windows 8.1
Microsoft Windows Server 2012 R2
Product(s): Adobe Flash Player
Adobe AIR
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 135
Application 86
Application 10
Application 99
Application 5

SAINT Exploits

Description Link
Adobe Reader authplay.dll newfunction Memory Corruption More info here

ExploitDB Exploits

id Description
2010-09-25 Adobe Flash Player "newfunction" Invalid Pointer Use
2010-09-20 Adobe Flash Player "newfunction" Invalid Pointer Use
2010-09-01 MOAUB #1 - Adobe Acrobat Reader and Flash Player
2010-06-09 Adobe Flash and Reader - 0day Exploit PoC (from the wild)

OpenVAS Exploits

Date Description
2011-09-07 Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007)
File : nvt/gb_macosx_su10-007.nasl
2011-03-09 Name : Gentoo Security Advisory GLSA 201009-05 (acroread)
File : nvt/glsa_201009_05.nasl
2011-03-09 Name : Gentoo Security Advisory GLSA 201101-09 (adobe-flash)
File : nvt/glsa_201101_09.nasl
2010-09-10 Name : SuSE Update for acroread SUSE-SA:2010:037
File : nvt/gb_suse_2010_037.nasl
2010-08-21 Name : FreeBSD Ports: linux-flashplugin
File : nvt/freebsd_linux-flashplugin9.nasl
2010-08-16 Name : SuSE Update for flash-player SUSE-SA:2010:034
File : nvt/gb_suse_2010_034.nasl
2010-07-12 Name : SuSE Update for acroread SUSE-SA:2010:029
File : nvt/gb_suse_2010_029.nasl
2010-07-06 Name : FreeBSD Ports: linux-flashplugin
File : nvt/freebsd_linux-flashplugin8.nasl
2010-06-23 Name : SuSE Update for flash-player SUSE-SA:2010:024
File : nvt/gb_suse_2010_024.nasl
2010-06-22 Name : Adobe Flash Player/Air Multiple Vulnerabilities - June10 (Linux)
File : nvt/secpod_adobe_prdts_mult_vuln_jun10_lin.nasl
2010-06-22 Name : Adobe Flash Player/Air Multiple Vulnerabilities - June10 (Win)
File : nvt/secpod_adobe_prdts_mult_vuln_jun10_win.nasl
2010-06-15 Name : Adobe Products Remote Code Execution Vulnerability - jun10 (Linux)
File : nvt/gb_adobe_prdts_code_exec_vuln_lin_jun10.nasl
2010-06-15 Name : Adobe Products Remote Code Execution Vulnerability - jun10 (Win)
File : nvt/gb_adobe_prdts_code_exec_vuln_win_jun10.nasl
2009-03-13 Name : Ubuntu USN-731-1 (apache2)
File : nvt/ubuntu_731_1.nasl
2009-03-13 Name : Ubuntu USN-732-1 (dash)
File : nvt/ubuntu_732_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
67058 Adobe Flash Player ActionScript connect Method Memory Corruption

66119 Adobe Flash Player ActionScript Virtual Machine newFrameState Method Remote O...

65599 Adobe Flash Player / AIR LocalConnection Connect Method Memory Corruption

65598 Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2187)

65597 Adobe Flash Player / AIR Unspecified Application Crash DoS (2010-2186)

65596 Adobe Flash Player / AIR Unspecified Overflow (2010-2185)

65595 Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2184)

65594 Adobe Flash Player / AIR Unspecified Overflow (2010-2183)

65593 Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2182)

65592 Adobe Flash Player / AIR Unspecified Overflow (2010-2181)

65591 Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2180)

65590 Adobe Flash Player / AIR Unspecified URL Parsing XSS (2010-2179)

65589 Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2178)

65588 Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2177)

65587 Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2176)

65586 Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2175)

65585 Adobe Flash Player / AIR newfunction Operator Processing Invalid Pointer Arbi...

65584 Adobe Flash Player / AIR newclass Operator Processing Invalid Pointer Arbitra...

65582 Adobe Flash Player / AIR Multiple Tag JPEG Parsing Memory Corruption

65581 Adobe Flash Player / AIR Unspecified Overflow (2010-2170)

65580 Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2169)

65579 Adobe Flash Player / AIR GIF/JPEG Processing Multiple Unspecified Overflows

65578 Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2166)

65577 Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2165)

65576 Adobe Flash Player / AIR Unspecified Function Image Type Use-after-free Arbit...

65575 Adobe Flash Player / AIR Multiple Unspecified Arbitrary Code Execution (2010-...

65574 Adobe Flash Player / AIR Atom MP4 Parsing Memory Corruption

65573 Adobe Flash Player / AIR Unspecified Code Type Array Index Arbitrary Code Exe...

65572 Adobe Flash Player / AIR ActionScript Virtual Machine 2 getouterscope Opcode ...

65532 Adobe Flash Player / AIR Unspecified Memory Consumption DoS (2009-3793)

65141 Adobe Multiple Products SWF Handling Arbitrary Code Execution

50073 Adobe Flash Player Differential SWF File Version Response DoS

Snort® IPS/IDS

Date Description
2014-01-10 Adobe Flash Player newfunction memory corruption attempt
RuleID : 28676 - Revision : 5 - Type : FILE-FLASH
2014-01-10 Adobe Flash Player newfunction memory corruption attempt
RuleID : 28675 - Revision : 5 - Type : FILE-FLASH
2014-01-10 Adobe Flash Player newfunction memory corruption attempt
RuleID : 28674 - Revision : 5 - Type : FILE-FLASH
2014-01-10 Adobe Flash Player newfunction memory corruption attempt
RuleID : 28673 - Revision : 5 - Type : FILE-FLASH
2014-01-10 Teletubbies exploit kit payload download
RuleID : 27886 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10 Teletubbies exploit kit exploit attempt for Adobe Flash Player
RuleID : 27881 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10 Adobe Flash Player newfunction memory corruption exploit attempt
RuleID : 23592 - Revision : 7 - Type : FILE-FLASH
2014-01-10 Adobe Flash Player newfunction memory corruption attempt
RuleID : 23591 - Revision : 7 - Type : FILE-FLASH
2014-01-10 Adobe Flash use-after-free attack attempt
RuleID : 23579 - Revision : 6 - Type : FILE-FLASH
2014-01-10 Adobe flash player newfunction memory corruption attempt
RuleID : 23512 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader authplay.dll vulnerability exploit attempt
RuleID : 23511 - Revision : 7 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader File containing Flash use-after-free attack attempt
RuleID : 23510 - Revision : 7 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader malformed Richmedia annotation exploit attempt
RuleID : 23509 - Revision : 5 - Type : FILE-PDF
2014-01-10 Adobe Flash Player newfunction memory corruption attempt
RuleID : 23265 - Revision : 11 - Type : FILE-FLASH
2014-01-10 Adobe Flash Player newfunction memory corruption attempt
RuleID : 23264 - Revision : 10 - Type : FILE-FLASH
2014-01-10 Adobe flash player newfunction memory corruption attempt
RuleID : 23263 - Revision : 9 - Type : FILE-PDF
2014-01-10 Phoenix exploit kit post-compromise behavior
RuleID : 21860 - Revision : 5 - Type : MALWARE-CNC
2014-01-10 Phoenix exploit kit landing page
RuleID : 21640 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10 ShockwaveFlash.ShockwaveFlash ActiveX clsid access
RuleID : 20875 - Revision : 7 - Type : BROWSER-PLUGINS
2014-01-10 Adobe Flash Player memory consumption vulnerability
RuleID : 20050 - Revision : 12 - Type : FILE-FLASH
2014-01-10 Adobe Flash Player newfunction memory corruption exploit attempt
RuleID : 19408 - Revision : 12 - Type : FILE-FLASH
2014-01-10 Adobe Flash Player SWF file MP4 data parsing memory corruption attempt
RuleID : 19148 - Revision : 15 - Type : FILE-MULTIMEDIA
2014-01-10 Adobe Flash Player newfunction memory corruption attempt
RuleID : 19145 - Revision : 13 - Type : FILE-FLASH
2014-01-10 Adobe Acrobat Reader authplay.dll vulnerability exploit attempt
RuleID : 16664 - Revision : 12 - Type : FILE-PDF
2014-01-10 Adobe Flash use-after-free attack attempt
RuleID : 16634 - Revision : 16 - Type : FILE-FLASH
2014-01-10 Adobe Acrobat Reader File containing Flash use-after-free attack attempt
RuleID : 16633 - Revision : 19 - Type : FILE-PDF
2014-01-10 Adobe Acrobat Reader malformed Richmedia annotation exploit attempt
RuleID : 16545 - Revision : 21 - Type : FILE-PDF

Nessus® Vulnerability Scanner

Date Description
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_flash-player-100811.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_acroread-100826.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0470.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2010-0464.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_flash-player-7071.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread_ja-7132.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread_ja-7086.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread-7131.nasl - Type : ACT_GATHER_INFO
2011-01-27 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_acroread-7087.nasl - Type : ACT_GATHER_INFO
2011-01-24 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201101-09.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_acroread-100825.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_acroread_ja-100702.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_acroread_ja-100825.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_acroread-100702.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_flash-player-100611.nasl - Type : ACT_GATHER_INFO
2010-12-02 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_flash-player-100811.nasl - Type : ACT_GATHER_INFO
2010-11-10 Name : The remote host is missing a Mac OS X update that fixes security issues.
File : macosx_SecUpd2010-007.nasl - Type : ACT_GATHER_INFO
2010-11-10 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_10_6_5.nasl - Type : ACT_GATHER_INFO
2010-09-08 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201009-05.nasl - Type : ACT_GATHER_INFO
2010-09-02 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_acroread-100826.nasl - Type : ACT_GATHER_INFO
2010-09-02 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_acroread-100826.nasl - Type : ACT_GATHER_INFO
2010-08-19 Name : The version of Adobe Acrobat on the remote Windows host is affected by multip...
File : adobe_acrobat_apsb10-17.nasl - Type : ACT_GATHER_INFO
2010-08-19 Name : The version of Adobe Reader on the remote Windows host is affected by multipl...
File : adobe_reader_apsb10-17.nasl - Type : ACT_GATHER_INFO
2010-08-14 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_e19e74a4a71211dfb234001b2134ef46.nasl - Type : ACT_GATHER_INFO
2010-08-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_flash-player-100811.nasl - Type : ACT_GATHER_INFO
2010-08-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_flash-player-100811.nasl - Type : ACT_GATHER_INFO
2010-08-11 Name : The remote Windows host contains a version of Adobe AIR that is affected by m...
File : adobe_air_apsb10-16.nasl - Type : ACT_GATHER_INFO
2010-08-11 Name : The remote Windows host contains a browser plug-in that is affected by multip...
File : flash_player_apsb10-16.nasl - Type : ACT_GATHER_INFO
2010-07-28 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0503.nasl - Type : ACT_GATHER_INFO
2010-07-09 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_acroread-100708.nasl - Type : ACT_GATHER_INFO
2010-07-09 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_acroread-100708.nasl - Type : ACT_GATHER_INFO
2010-07-09 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_acroread-100706.nasl - Type : ACT_GATHER_INFO
2010-06-30 Name : The version of Adobe Reader on the remote Windows host is affected by multipl...
File : adobe_reader_apsb10-15.nasl - Type : ACT_GATHER_INFO
2010-06-30 Name : The version of Adobe Acrobat on the remote Windows host is affected by multip...
File : adobe_acrobat_apsb10-15.nasl - Type : ACT_GATHER_INFO
2010-06-16 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_144e524a77eb11dfae06001b2134ef46.nasl - Type : ACT_GATHER_INFO
2010-06-14 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_flash-player-100611.nasl - Type : ACT_GATHER_INFO
2010-06-14 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_flash-player-100611.nasl - Type : ACT_GATHER_INFO
2010-06-14 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_flash-player-100611.nasl - Type : ACT_GATHER_INFO
2010-06-10 Name : The remote Windows host contains a browser plug-in that is affected by a code...
File : flash_player_apsb10-14.nasl - Type : ACT_GATHER_INFO
2010-06-10 Name : The remote Windows host contains a version of Adobe AIR that is affected by m...
File : adobe_air_apsb10-14.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_flash-player-081107.nasl - Type : ACT_GATHER_INFO
2008-11-12 Name : The remote openSUSE host is missing a security update.
File : suse_flash-player-5747.nasl - Type : ACT_GATHER_INFO
2008-11-12 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_flash-player-5757.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:53:33
  • Multiple Updates