Summary
| Detail | |||
|---|---|---|---|
| Vendor | Macromedia | First view | 2006-03-15 |
| Product | Flash Player | Last view | 2010-06-15 |
| Version | 5.0.30.0 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:macromedia:flash_player | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 9.3 | 2010-06-15 | CVE-2010-2189 | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when used in conjunction with VMWare Tools on a VMWare platform, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. |
| 9.3 | 2010-06-15 | CVE-2010-2188 | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by calling the ActionScript native object 2200 connect method multiple times with different arguments, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2187. |
| 9.3 | 2010-06-15 | CVE-2010-2187 | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2188. |
| 9.3 | 2010-06-15 | CVE-2010-2186 | Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. |
| 9.3 | 2010-06-15 | CVE-2010-2185 | Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors. |
| 9.3 | 2010-06-15 | CVE-2010-2184 | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2187, and CVE-2010-2188. |
| 9.3 | 2010-06-15 | CVE-2010-2183 | Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2181. |
| 9.3 | 2010-06-15 | CVE-2010-2182 | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. |
| 9.3 | 2010-06-15 | CVE-2010-2181 | Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2183. |
| 9.3 | 2010-06-15 | CVE-2010-2180 | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. |
| 9.3 | 2010-06-15 | CVE-2010-2178 | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. |
| 9.3 | 2010-06-15 | CVE-2010-2177 | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. |
| 9.3 | 2010-06-15 | CVE-2010-2176 | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. |
| 9.3 | 2010-06-15 | CVE-2010-2175 | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. |
| 9.3 | 2010-06-15 | CVE-2010-2174 | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newfunction (0x44) operator, a different vulnerability than CVE-2010-2173. |
| 9.3 | 2010-06-15 | CVE-2010-2173 | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newclass (0x58) operator, a different vulnerability than CVE-2010-2174. |
| 9.3 | 2010-06-15 | CVE-2010-2171 | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors related to SWF files, decompression of embedded JPEG image data, and the DefineBits and other unspecified tags, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. |
| 9.3 | 2010-06-15 | CVE-2010-2170 | Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2181 and CVE-2010-2183. |
| 9.3 | 2010-06-15 | CVE-2010-2169 | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allow attackers to cause a denial of service (pointer memory corruption) or possibly execute arbitrary code via unspecified vectors. |
| 9.3 | 2010-06-15 | CVE-2010-2167 | Multiple heap-based buffer overflows in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to malformed (1) GIF or (2) JPEG data. |
| 9.3 | 2010-06-15 | CVE-2010-2166 | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. |
| 9.3 | 2010-06-15 | CVE-2010-2165 | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188. |
| 9.3 | 2010-06-15 | CVE-2010-2164 | Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to an unspecified "image type within a certain function." |
| 9.3 | 2010-06-15 | CVE-2010-2163 | Multiple unspecified vulnerabilities in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unknown vectors. |
| 9.3 | 2010-06-15 | CVE-2010-2162 | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors related to improper length calculation and the (1) STSC, (2) STSZ, and (3) STCO atoms. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 71% (20) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 10% (3) | CWE-189 | Numeric Errors |
| 10% (3) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 7% (2) | CWE-399 | Resource Management Errors |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 67058 | Adobe Flash Player ActionScript connect Method Memory Corruption |
| 66119 | Adobe Flash Player ActionScript Virtual Machine newFrameState Method Remote O... |
| 65600 | Adobe Flash Player / AIR on VMWare Tools Unspecified Memory Corruption DoS (2... |
| 65599 | Adobe Flash Player / AIR LocalConnection Connect Method Memory Corruption |
| 65598 | Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2187) |
| 65597 | Adobe Flash Player / AIR Unspecified Application Crash DoS (2010-2186) |
| 65596 | Adobe Flash Player / AIR Unspecified Overflow (2010-2185) |
| 65595 | Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2184) |
| 65594 | Adobe Flash Player / AIR Unspecified Overflow (2010-2183) |
| 65593 | Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2182) |
| 65592 | Adobe Flash Player / AIR Unspecified Overflow (2010-2181) |
| 65591 | Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2180) |
| 65589 | Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2178) |
| 65588 | Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2177) |
| 65587 | Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2176) |
| 65586 | Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2175) |
| 65585 | Adobe Flash Player / AIR newfunction Operator Processing Invalid Pointer Arbi... |
| 65584 | Adobe Flash Player / AIR newclass Operator Processing Invalid Pointer Arbitra... |
| 65582 | Adobe Flash Player / AIR Multiple Tag JPEG Parsing Memory Corruption |
| 65581 | Adobe Flash Player / AIR Unspecified Overflow (2010-2170) |
| 65580 | Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2169) |
| 65579 | Adobe Flash Player / AIR GIF/JPEG Processing Multiple Unspecified Overflows |
| 65578 | Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2166) |
| 65577 | Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2165) |
| 65576 | Adobe Flash Player / AIR Unspecified Function Image Type Use-after-free Arbit... |
OpenVAS Exploits
| id | Description |
|---|---|
| 2011-09-07 | Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) File : nvt/gb_macosx_su10-007.nasl |
| 2011-03-09 | Name : Gentoo Security Advisory GLSA 201101-09 (adobe-flash) File : nvt/glsa_201101_09.nasl |
| 2010-09-10 | Name : SuSE Update for acroread SUSE-SA:2010:037 File : nvt/gb_suse_2010_037.nasl |
| 2010-08-21 | Name : FreeBSD Ports: linux-flashplugin File : nvt/freebsd_linux-flashplugin9.nasl |
| 2010-08-16 | Name : SuSE Update for flash-player SUSE-SA:2010:034 File : nvt/gb_suse_2010_034.nasl |
| 2010-07-06 | Name : FreeBSD Ports: linux-flashplugin File : nvt/freebsd_linux-flashplugin8.nasl |
| 2010-06-23 | Name : SuSE Update for flash-player SUSE-SA:2010:024 File : nvt/gb_suse_2010_024.nasl |
| 2010-06-22 | Name : Adobe Flash Player/Air Multiple Vulnerabilities - June10 (Linux) File : nvt/secpod_adobe_prdts_mult_vuln_jun10_lin.nasl |
| 2010-06-22 | Name : Adobe Flash Player/Air Multiple Vulnerabilities - June10 (Win) File : nvt/secpod_adobe_prdts_mult_vuln_jun10_win.nasl |
| 2010-05-12 | Name : Mac OS X Security Update 2007-009 File : nvt/macosx_secupd_2007-009.nasl |
| 2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200603-20 (Flash) File : nvt/glsa_200603_20.nasl |
| 2008-09-04 | Name : FreeBSD Ports: linux-flashplugin File : nvt/freebsd_linux-flashplugin.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | ShockwaveFlash.ShockwaveFlash ActiveX clsid access RuleID : 20875 - Type : BROWSER-PLUGINS - Revision : 7 |
| 2014-01-10 | Adobe Flash Player memory consumption vulnerability RuleID : 20050 - Type : FILE-FLASH - Revision : 12 |
| 2014-01-10 | Adobe Flash Player SWF file MP4 data parsing memory corruption attempt RuleID : 19148 - Type : FILE-MULTIMEDIA - Revision : 15 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_3_flash-player-100811.nasl - Type: ACT_GATHER_INFO |
| 2014-06-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_3_acroread-100826.nasl - Type: ACT_GATHER_INFO |
| 2013-01-24 | Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2010-0470.nasl - Type: ACT_GATHER_INFO |
| 2013-01-24 | Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2010-0464.nasl - Type: ACT_GATHER_INFO |
| 2013-01-24 | Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2006-0268.nasl - Type: ACT_GATHER_INFO |
| 2011-01-27 | Name: The remote SuSE 10 host is missing a security-related patch. File: suse_flash-player-7071.nasl - Type: ACT_GATHER_INFO |
| 2011-01-27 | Name: The remote SuSE 10 host is missing a security-related patch. File: suse_acroread_ja-7132.nasl - Type: ACT_GATHER_INFO |
| 2011-01-27 | Name: The remote SuSE 10 host is missing a security-related patch. File: suse_acroread-7131.nasl - Type: ACT_GATHER_INFO |
| 2011-01-24 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201101-09.nasl - Type: ACT_GATHER_INFO |
| 2010-12-02 | Name: The remote SuSE 11 host is missing one or more security updates. File: suse_11_acroread-100825.nasl - Type: ACT_GATHER_INFO |
| 2010-12-02 | Name: The remote SuSE 11 host is missing a security update. File: suse_11_flash-player-100811.nasl - Type: ACT_GATHER_INFO |
| 2010-12-02 | Name: The remote SuSE 11 host is missing a security update. File: suse_11_flash-player-100611.nasl - Type: ACT_GATHER_INFO |
| 2010-12-02 | Name: The remote SuSE 11 host is missing a security update. File: suse_11_acroread_ja-100825.nasl - Type: ACT_GATHER_INFO |
| 2010-11-10 | Name: The remote host is missing a Mac OS X update that fixes various security issues. File: macosx_10_6_5.nasl - Type: ACT_GATHER_INFO |
| 2010-11-10 | Name: The remote host is missing a Mac OS X update that fixes security issues. File: macosx_SecUpd2010-007.nasl - Type: ACT_GATHER_INFO |
| 2010-09-02 | Name: The remote openSUSE host is missing a security update. File: suse_11_2_acroread-100826.nasl - Type: ACT_GATHER_INFO |
| 2010-09-02 | Name: The remote openSUSE host is missing a security update. File: suse_11_1_acroread-100826.nasl - Type: ACT_GATHER_INFO |
| 2010-08-19 | Name: The version of Adobe Reader on the remote Windows host is affected by multipl... File: adobe_reader_apsb10-17.nasl - Type: ACT_GATHER_INFO |
| 2010-08-19 | Name: The version of Adobe Acrobat on the remote Windows host is affected by multip... File: adobe_acrobat_apsb10-17.nasl - Type: ACT_GATHER_INFO |
| 2010-08-14 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_e19e74a4a71211dfb234001b2134ef46.nasl - Type: ACT_GATHER_INFO |
| 2010-08-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_2_flash-player-100811.nasl - Type: ACT_GATHER_INFO |
| 2010-08-13 | Name: The remote openSUSE host is missing a security update. File: suse_11_1_flash-player-100811.nasl - Type: ACT_GATHER_INFO |
| 2010-08-11 | Name: The remote Windows host contains a version of Adobe AIR that is affected by m... File: adobe_air_apsb10-16.nasl - Type: ACT_GATHER_INFO |
| 2010-08-11 | Name: The remote Windows host contains a browser plug-in that is affected by multip... File: flash_player_apsb10-16.nasl - Type: ACT_GATHER_INFO |
| 2010-06-16 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_144e524a77eb11dfae06001b2134ef46.nasl - Type: ACT_GATHER_INFO |
