9.3 - RHSA-2010:0470

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	flash-plugin security update

Informations
Name	RHSA-2010:0470	First vendor Publication	2010-06-14
Vendor	RedHat	Last vendor Modification	2010-06-14
Severity (Vendor)	Critical	Revision	01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3 and 4 Extras.

The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Desktop version 3 Extras - i386 Red Hat Desktop version 4 Extras - i386 Red Hat Enterprise Linux AS version 3 Extras - i386 Red Hat Enterprise Linux AS version 4 Extras - i386 Red Hat Enterprise Linux ES version 3 Extras - i386 Red Hat Enterprise Linux ES version 4 Extras - i386 Red Hat Enterprise Linux WS version 3 Extras - i386 Red Hat Enterprise Linux WS version 4 Extras - i386

3. Description:

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.

This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB10-14, listed in the References section.

Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content. (CVE-2009-3793, CVE-2010-2160, CVE-2010-2161, CVE-2010-2162, CVE-2010-2163, CVE-2010-2164, CVE-2010-2165, CVE-2010-2166, CVE-2010-2167, CVE-2010-2169, CVE-2010-2170, CVE-2010-2171, CVE-2010-2172, CVE-2010-2173, CVE-2010-2174, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2181, CVE-2010-2182, CVE-2010-2183, CVE-2010-2184, CVE-2010-2185, CVE-2010-2186, CVE-2010-2187, CVE-2010-2188)

An input sanitization flaw was found in the way flash-plugin processed certain URLs. An attacker could use this flaw to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially-crafted web page. (CVE-2010-2179)

All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 9.0.277.0.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

602627 - CVE-2010-2172 flash-plugin: CVE-2010-0187 "possible player crash" affects also v9.x versions of Adobe Flash Player 602847 - flash-plugin: multiple security flaws (APSB10-14)

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2010-0470.html

CWE : Common Weakness Enumeration

%	Id	Name
61 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
13 %	CWE-94	Failure to Control Generation of Code ('Code Injection')
10 %	CWE-399	Resource Management Errors
10 %	CWE-189	Numeric Errors (CWE/SANS Top 25)
3 %	CWE-787	Out-of-bounds Write (CWE/SANS Top 25)
3 %	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:14072

Oval ID:	oval:org.mitre.oval:def:14072
Title:	DEPRECATED: Adobe Flash Player 9 before 9.0.277.0 on unspecified UNIX platforms allows attackers to cause a denial of service via unknown vectors.
Description:	Adobe Flash Player 9 before 9.0.277.0 on unspecified UNIX platforms allows attackers to cause a denial of service via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2172	Version:	9
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Adobe Flash Player
Definition Synopsis:
Determine if the version of Adobe Flash Player is less than or equal to 9.0.262.0 and is greater than or equal to 9.0.16 Adobe Flash Player 9 is installed AND Determine if the version of Adobe Flash Player is less than or equal to 9.0.262.0 AND Determine if the version of Adobe Flash Player is greater than or equal to 9.0.16

Definition Id: oval:org.mitre.oval:def:15360

Oval ID:	oval:org.mitre.oval:def:15360
Title:	Adobe Flash Player Invalid Pointer Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newfunction (0x44) operator, a different vulnerability than CVE-2010-2173.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2174	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:15437

Oval ID:	oval:org.mitre.oval:def:15437
Title:	Adobe Flash Player Multiple Heap Overflow Vulnerabilities
Description:	Multiple heap-based buffer overflows in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to malformed (1) GIF or (2) JPEG data.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2167	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:15525

Oval ID:	oval:org.mitre.oval:def:15525
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2175	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:15541

Oval ID:	oval:org.mitre.oval:def:15541
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2166	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:15576

Oval ID:	oval:org.mitre.oval:def:15576
Title:	Adobe Flash Player Out Of Bounds Memory Indexing Vulnerability
Description:	Array index error in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified "types of Adobe Flash code."
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2161	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:15719

Oval ID:	oval:org.mitre.oval:def:15719
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2176	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:15798

Oval ID:	oval:org.mitre.oval:def:15798
Title:	Adobe Flash Player Use-After-Free Vulnerability
Description:	Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to an unspecified "image type within a certain function."
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2164	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:15920

Oval ID:	oval:org.mitre.oval:def:15920
Title:	Adobe Flash Player Integer Overflow Vulnerability
Description:	Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2181.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2183	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:15937

Oval ID:	oval:org.mitre.oval:def:15937
Title:	Adobe Flash Player Integer Overflow Vulnerability
Description:	Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2183.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2181	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:15965

Oval ID:	oval:org.mitre.oval:def:15965
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2177	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:16022

Oval ID:	oval:org.mitre.oval:def:16022
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2178	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:16029

Oval ID:	oval:org.mitre.oval:def:16029
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2187, and CVE-2010-2188.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2184	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:16052

Oval ID:	oval:org.mitre.oval:def:16052
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2180	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:16056

Oval ID:	oval:org.mitre.oval:def:16056
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2188.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2187	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:16083

Oval ID:	oval:org.mitre.oval:def:16083
Title:	Adobe Flash Player Memory Exhaustion Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an invalid offset in an unspecified undocumented opcode in ActionScript Virtual Machine 2, related to getouterscope, a different vulnerability than CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2160	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:16090

Oval ID:	oval:org.mitre.oval:def:16090
Title:	Adobe Flash Player Buffer Overflow Vulnerability
Description:	Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2185	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:16125

Oval ID:	oval:org.mitre.oval:def:16125
Title:	Adobe Flash Player and AIR Denial of Service Vulnerability
Description:	Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 allow remote attackers to cause a denial of service (application crash) via a modified SWF file.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-0187	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe Flash Player Adobe Flash Player is Installed AND Version of Adobe Flash Player is less than 10.0.45.2 OR Adobe AIR before 1.5.3.9130 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 1.5.3.9130

Definition Id: oval:org.mitre.oval:def:16223

Oval ID:	oval:org.mitre.oval:def:16223
Title:	Adobe Flash Player Memory Exhaustion Vulnerability
Description:	Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory consumption) or possibly execute arbitrary code via unknown vectors.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2009-3793	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:16225

Oval ID:	oval:org.mitre.oval:def:16225
Title:	Adobe Flash Player Pointer Memory Corruption
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allow attackers to cause a denial of service (pointer memory corruption) or possibly execute arbitrary code via unspecified vectors.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2169	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:16261

Oval ID:	oval:org.mitre.oval:def:16261
Title:	Adobe Flash Player Invalid Pointer Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newclass (0x58) operator, a different vulnerability than CVE-2010-2174.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2173	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:16271

Oval ID:	oval:org.mitre.oval:def:16271
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by calling the ActionScript native object 2200 connect method multiple times with different arguments, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2187.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2188	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:16283

Oval ID:	oval:org.mitre.oval:def:16283
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2182	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:16285

Oval ID:	oval:org.mitre.oval:def:16285
Title:	Adobe Flash Player Denial of Service Vulnerability
Description:	Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2186	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:16302

Oval ID:	oval:org.mitre.oval:def:16302
Title:	Adobe Flash Player SWF Version Null Pointer Dereference Denial of Service Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows remote web servers to cause a denial of service (NULL pointer dereference and browser crash) by returning a different response when an HTTP request is sent a second time, as demonstrated by two responses that provide SWF files with different SWF version numbers.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2008-4546	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:16316

Oval ID:	oval:org.mitre.oval:def:16316
Title:	Adobe Flash Player Multiple Vulnerabilities that could lead to code execution
Description:	Multiple unspecified vulnerabilities in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unknown vectors.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2163	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:16341

Oval ID:	oval:org.mitre.oval:def:16341
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors related to SWF files, decompression of embedded JPEG image data, and the DefineBits and other unspecified tags, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2171	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:16345

Oval ID:	oval:org.mitre.oval:def:16345
Title:	Adobe Flash Player Heap Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors related to improper length calculation and the (1) STSC, (2) STSZ, and (3) STCO atoms.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2162	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:16348

Oval ID:	oval:org.mitre.oval:def:16348
Title:	Adobe Flash Player Integer Overflow Vulnerability
Description:	Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2181 and CVE-2010-2183.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2170	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:16350

Oval ID:	oval:org.mitre.oval:def:16350
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2010-2165	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 installed Adobe Flash Player is Installed AND Flash version is before 9.0.277.0 or 10.x before 10.1.53.64 Version of Adobe Flash Player is less than 9.0.277.0 OR Adobe Flash Player 10.x before 10.1.53.64 installed Adobe Flash Player 10 is Installed AND Version of Adobe Flash Player is less than 10.1.53.64 OR Adobe AIR before 2.0.2.12610 is installed Adobe AIR is installed AND Version of Adobe AIR is less than 2.0.2.12610

Definition Id: oval:org.mitre.oval:def:21893

Oval ID:	oval:org.mitre.oval:def:21893
Title:	RHSA-2010:0102: flash-plugin security update (Important)
Description:	Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 allow remote attackers to cause a denial of service (application crash) via a modified SWF file.
Family:	unix	Class:	patch
Reference(s):	RHSA-2010:0102-01 CVE-2010-0186 CVE-2010-0187	Version:	29
Platform(s):	Red Hat Enterprise Linux 5	Product(s):	flash-plugin
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 5 AND flash-plugin is earlier than 0:10.0.45.2-1.el5

Definition Id: oval:org.mitre.oval:def:22053

Oval ID:	oval:org.mitre.oval:def:22053
Title:	RHSA-2010:0464: flash-plugin security update (Critical)
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by calling the ActionScript native object 2200 connect method multiple times with different arguments, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2187.
Family:	unix	Class:	patch
Reference(s):	RHSA-2010:0464-01 CVE-2008-4546 CVE-2009-3793 CVE-2010-1297 CVE-2010-2160 CVE-2010-2161 CVE-2010-2162 CVE-2010-2163 CVE-2010-2164 CVE-2010-2165 CVE-2010-2166 CVE-2010-2167 CVE-2010-2169 CVE-2010-2170 CVE-2010-2171 CVE-2010-2173 CVE-2010-2174 CVE-2010-2175 CVE-2010-2176 CVE-2010-2177 CVE-2010-2178 CVE-2010-2179 CVE-2010-2180 CVE-2010-2181 CVE-2010-2182 CVE-2010-2183 CVE-2010-2184 CVE-2010-2185 CVE-2010-2186 CVE-2010-2187 CVE-2010-2188	Version:	393
Platform(s):	Red Hat Enterprise Linux 5	Product(s):	flash-plugin
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 5 AND flash-plugin is earlier than 0:10.1-2.el5

Definition Id: oval:org.mitre.oval:def:22997

Oval ID:	oval:org.mitre.oval:def:22997
Title:	ELSA-2010:0464: flash-plugin security update (Critical)
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by calling the ActionScript native object 2200 connect method multiple times with different arguments, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2187.
Family:	unix	Class:	patch
Reference(s):	ELSA-2010:0464-01 CVE-2008-4546 CVE-2009-3793 CVE-2010-1297 CVE-2010-2160 CVE-2010-2161 CVE-2010-2162 CVE-2010-2163 CVE-2010-2164 CVE-2010-2165 CVE-2010-2166 CVE-2010-2167 CVE-2010-2169 CVE-2010-2170 CVE-2010-2171 CVE-2010-2173 CVE-2010-2174 CVE-2010-2175 CVE-2010-2176 CVE-2010-2177 CVE-2010-2178 CVE-2010-2179 CVE-2010-2180 CVE-2010-2181 CVE-2010-2182 CVE-2010-2183 CVE-2010-2184 CVE-2010-2185 CVE-2010-2186 CVE-2010-2187 CVE-2010-2188	Version:	125
Platform(s):	Oracle Linux 5	Product(s):	flash-plugin
Definition Synopsis:
Oracle Linux 5.x AND flash-plugin is earlier than 0:10.1-2.el5

Definition Id: oval:org.mitre.oval:def:23015

Oval ID:	oval:org.mitre.oval:def:23015
Title:	ELSA-2010:0102: flash-plugin security update (Important)
Description:	Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 allow remote attackers to cause a denial of service (application crash) via a modified SWF file.
Family:	unix	Class:	patch
Reference(s):	ELSA-2010:0102-01 CVE-2010-0186 CVE-2010-0187	Version:	13
Platform(s):	Oracle Linux 5	Product(s):	flash-plugin
Definition Synopsis:
Oracle Linux 5.x AND flash-plugin is earlier than 0:10.0.45.2-1.el5

Definition Id: oval:org.mitre.oval:def:6758

Oval ID:	oval:org.mitre.oval:def:6758
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2182	Version:	17
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:6762

Oval ID:	oval:org.mitre.oval:def:6762
Title:	Adobe Flash Player Invalid Pointer Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newclass (0x58) operator, a different vulnerability than CVE-2010-2174.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2173	Version:	17
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:6765

Oval ID:	oval:org.mitre.oval:def:6765
Title:	Adobe Flash Player Use-After-Free Vulnerability
Description:	Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to an unspecified "image type within a certain function."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2164	Version:	17
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:6766

Oval ID:	oval:org.mitre.oval:def:6766
Title:	Adobe Flash Player Integer Overflow Vulnerability
Description:	Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2181 and CVE-2010-2183.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2170	Version:	17
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:6781

Oval ID:	oval:org.mitre.oval:def:6781
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2165	Version:	17
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:6903

Oval ID:	oval:org.mitre.oval:def:6903
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2175	Version:	17
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:6946

Oval ID:	oval:org.mitre.oval:def:6946
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by calling the ActionScript native object 2200 connect method multiple times with different arguments, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2187.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2188	Version:	18
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Adobe AIR version is less than 2.0.3 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:6999

Oval ID:	oval:org.mitre.oval:def:6999
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors related to SWF files, decompression of embedded JPEG image data, and the DefineBits and other unspecified tags, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2171	Version:	18
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7014

Oval ID:	oval:org.mitre.oval:def:7014
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2180	Version:	18
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7096

Oval ID:	oval:org.mitre.oval:def:7096
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2177	Version:	18
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7116

Oval ID:	oval:org.mitre.oval:def:7116
Title:	Adobe Flash Player, Acrobat Reader, and Acrobat 'authplay.dll' Remote Code Execution Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-1297	Version:	30
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe Reader Adobe Acrobat
Definition Synopsis:
Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Adobe Reader 8 Adobe Reader 8 Series is installed AND Adobe Reader 8, the sub-version is vulnerable Adobe Reader is less than 8.2.3 AND Adobe Reader library is less than 8.2.3 OR Adobe Reader 9 Adobe Reader 9 Series is installed AND Adobe Reader 9, the sub-version is vulnerable Adobe Reader is less than 9.3.3 AND Adobe Reader library is less than 9.3.3 OR Adobe Acrobat 8 Adobe Acrobat 8 Series is installed AND Adobe Acrobat 8, the sub-version is vulnerable Adobe Acrobat is less than 8.2.3 AND Adobe Acrobat library is less than 8.2.3 OR Adobe Acrobat 9 Adobe Acrobat 9 Series is installed AND Adobe Acrobat 9, the sub-version is vulnerable Adobe Acrobat is less than 9.3.3 AND Adobe Acrobat library is less than 9.3.3 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7118

Oval ID:	oval:org.mitre.oval:def:7118
Title:	Adobe Flash Player Denial of Service Vulnerability
Description:	Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2186	Version:	18
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7126

Oval ID:	oval:org.mitre.oval:def:7126
Title:	Adobe Flash Player URL Parsing Vulnerability that could lead to cross-site scripting (Firefox and Chrome browsers only)
Description:	Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2179	Version:	21
Platform(s):	Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR Google Chrome Mozilla Firefox
Definition Synopsis:
Chrome or Firefox installed Google Chrome is installed AND Mozilla Firefox is installed Vulnerable version of AIR or Flash Player installed Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7166

Oval ID:	oval:org.mitre.oval:def:7166
Title:	Adobe Flash Player Heap Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors related to improper length calculation and the (1) STSC, (2) STSZ, and (3) STCO atoms.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2162	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7187

Oval ID:	oval:org.mitre.oval:def:7187
Title:	Adobe Flash Player SWF Version Null Pointer Dereference Denial of Service Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows remote web servers to cause a denial of service (NULL pointer dereference and browser crash) by returning a different response when an HTTP request is sent a second time, as demonstrated by two responses that provide SWF files with different SWF version numbers.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-4546	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7205

Oval ID:	oval:org.mitre.oval:def:7205
Title:	Adobe Flash Player Memory Exhaustion Vulnerability
Description:	Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory consumption) or possibly execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2009-3793	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7266

Oval ID:	oval:org.mitre.oval:def:7266
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2188.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2187	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7276

Oval ID:	oval:org.mitre.oval:def:7276
Title:	Adobe Flash Player Pointer Memory Corruption
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allow attackers to cause a denial of service (pointer memory corruption) or possibly execute arbitrary code via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2169	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7278

Oval ID:	oval:org.mitre.oval:def:7278
Title:	Adobe Flash Player Integer Overflow Vulnerability
Description:	Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2181.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2183	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7303

Oval ID:	oval:org.mitre.oval:def:7303
Title:	Adobe Flash Player Out Of Bounds Memory Indexing Vulnerability
Description:	Array index error in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified "types of Adobe Flash code."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2161	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7334

Oval ID:	oval:org.mitre.oval:def:7334
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2187, and CVE-2010-2188.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2184	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7342

Oval ID:	oval:org.mitre.oval:def:7342
Title:	Adobe Flash Player Integer Overflow Vulnerability
Description:	Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2183.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2181	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7364

Oval ID:	oval:org.mitre.oval:def:7364
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2178	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7415

Oval ID:	oval:org.mitre.oval:def:7415
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2176	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7431

Oval ID:	oval:org.mitre.oval:def:7431
Title:	Adobe Flash Player Memory Corruption Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2166	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7491

Oval ID:	oval:org.mitre.oval:def:7491
Title:	Adobe Flash Player Multiple Heap Overflow Vulnerabilities
Description:	Multiple heap-based buffer overflows in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to malformed (1) GIF or (2) JPEG data.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2167	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7501

Oval ID:	oval:org.mitre.oval:def:7501
Title:	Adobe Flash Player Multiple Vulnerabilities that could lead to code execution
Description:	Multiple unspecified vulnerabilities in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2163	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7508

Oval ID:	oval:org.mitre.oval:def:7508
Title:	Adobe Flash Player Memory Exhaustion Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an invalid offset in an unspecified undocumented opcode in ActionScript Virtual Machine 2, related to getouterscope, a different vulnerability than CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2160	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7528

Oval ID:	oval:org.mitre.oval:def:7528
Title:	Adobe Flash Player Invalid Pointer Vulnerability
Description:	Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newfunction (0x44) operator, a different vulnerability than CVE-2010-2173.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2174	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:7577

Oval ID:	oval:org.mitre.oval:def:7577
Title:	Adobe Flash Player Buffer Overflow Vulnerability
Description:	Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-2185	Version:	18
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Check if Adobe AIR version is less than or equal 1.5.3.9130 OR Vulnerable version of Adobe Flash Player Adobe Flash Player before 9.0.277.0 installed Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than 9.0.277.0 OR Adobe Flash Player 10.x through 10.0.45.2 installed Adobe Flash Player 10 is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.45.2 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Flash.ocx 10 section Determine if the version of Flash.ocx is less than or equal 10.0.45.2 AND Determine if the version of Flash.ocx is greater than or equal 10.0 OR Flash.ocx 9 section Determine if the version of Flash.ocx is less than 9.0.277.0 AND Determine if the version of Flash.ocx is greater than or equal 9.0

Definition Id: oval:org.mitre.oval:def:8393

Oval ID:	oval:org.mitre.oval:def:8393
Title:	Adobe Flash Player and AIR Denial of Service Vulnerability
Description:	Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 allow remote attackers to cause a denial of service (application crash) via a modified SWF file.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-0187	Version:	13
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player Adobe AIR
Definition Synopsis:
Vulnerable version of Adobe AIR Adobe AIR is installed AND Adobe AIR version is less than or equal 1.5.3.9120 OR Vulnerable version of Adobe Flash Player Adobe Flash Player is installed AND Adobe Flash Player version installed on the system is less than or equal 10.0.42.34 OR Flash.ocx section ActiveX Control is installed AND Determine if the version of Flash.ocx is less than or equal 10.0.42.34

CPE : Common Platform Enumeration

Type	Description	Count
Application	Adobe Adobe Air cpe:2.3:a:adobe:adobe_air:1.5.3.9120:::::::* cpe:2.3:a:adobe:adobe_air:1.5.3:::::::* cpe:2.3:a:adobe:adobe_air:1.5.2:::::::* cpe:2.3:a:adobe:adobe_air:1.5.1.8210:::::::* cpe:2.3:a:adobe:adobe_air:1.5.1:::::::* cpe:2.3:a:adobe:adobe_air:1.5.0.7220:::::::* cpe:2.3:a:adobe:adobe_air:1.5:::::::* cpe:2.3:a:adobe:adobe_air:1.1.0.5790:::::::* cpe:2.3:a:adobe:adobe_air:1.1:::::::* cpe:2.3:a:adobe:adobe_air:1.0.8.4990:::::::* cpe:2.3:a:adobe:adobe_air:1.0.4990:::::::* cpe:2.3:a:adobe:adobe_air:1.0.1:::::::* cpe:2.3:a:adobe:adobe_air:1.0:::::::* cpe:2.3:a:adobe:adobe_air:::::::: cpe:2.3:a:adobe:adobe_air:-:::::::*	15
Application	Adobe Air cpe:2.3:a:adobe:air:2.0.0:::::::* cpe:2.3:a:adobe:air:1.5.3.9130:::::::* cpe:2.3:a:adobe:air:1.5.3:::::::* cpe:2.3:a:adobe:air:1.5.2:::::::* cpe:2.3:a:adobe:air:1.5.1:::::::* cpe:2.3:a:adobe:air:1.5:::::::* cpe:2.3:a:adobe:air:1.1:::::::* cpe:2.3:a:adobe:air:1.01:::::::* cpe:2.3:a:adobe:air:1.0:::::::* cpe:2.3:a:adobe:air::::::::	10
Application	Adobe Flash Player cpe:2.3:a:adobe:flash_player:10.1.52.15:::::::* cpe:2.3:a:adobe:flash_player:10.1.52.14.1:::::::* cpe:2.3:a:adobe:flash_player:10.1.52.14:::::::* cpe:2.3:a:adobe:flash_player:10.1:::::::* cpe:2.3:a:adobe:flash_player:10.0.45.2:::::::* cpe:2.3:a:adobe:flash_player:10.0.42.34:::::::* cpe:2.3:a:adobe:flash_player:10.0.32.18:::::::* cpe:2.3:a:adobe:flash_player:10.0.22.87:::::::* cpe:2.3:a:adobe:flash_player:10.0.2.54:::::::* cpe:2.3:a:adobe:flash_player:10.0.15.3:::::::* cpe:2.3:a:adobe:flash_player:10.0.12.36:::::::* cpe:2.3:a:adobe:flash_player:10.0.12.10:::::::* cpe:2.3:a:adobe:flash_player:10.0.0.584:::::::* cpe:2.3:a:adobe:flash_player:10:::::::* cpe:2.3:a:adobe:flash_player:9.125.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.9.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.8.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.48.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.47.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.45.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.31.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.31:::::::* cpe:2.3:a:adobe:flash_player:9.0.283.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.280:::::::* cpe:2.3:a:adobe:flash_player:9.0.28.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.28.0::mac_os_x::::: cpe:2.3:a:adobe:flash_player:9.0.28:::::::* cpe:2.3:a:adobe:flash_player:9.0.277.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.262.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.260.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.246.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.20.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.20:::::::* cpe:2.3:a:adobe:flash_player:9.0.18d60:::::::* cpe:2.3:a:adobe:flash_player:9.0.16.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.16:::::::* cpe:2.3:a:adobe:flash_player:9.0.16::windows::::: cpe:2.3:a:adobe:flash_player:9.0.159.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.155.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.152.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.151.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.125.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.124.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.115.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.114.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.112.0:::::::* cpe:2.3:a:adobe:flash_player:9.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.42.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.39.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.35.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.34.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.33.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.24.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.22.0:::::::* cpe:2.3:a:adobe:flash_player:8.0:::::::* cpe:2.3:a:adobe:flash_player:8.0::pro::::: cpe:2.3:a:adobe:flash_player:8.0::basic::::: cpe:2.3:a:adobe:flash_player:8::professional::::: cpe:2.3:a:adobe:flash_player:8::pro::::: cpe:2.3:a:adobe:flash_player:7.2:::::::* cpe:2.3:a:adobe:flash_player:7.1.1:::::::* cpe:2.3:a:adobe:flash_player:7.1:::::::* cpe:2.3:a:adobe:flash_player:7.0.73.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.70.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.69.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.68.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.67.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.66.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.63:::::::* cpe:2.3:a:adobe:flash_player:7.0.63::linux::::: cpe:2.3:a:adobe:flash_player:7.0.61.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.60.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.53.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.25:::::::* cpe:2.3:a:adobe:flash_player:7.0.24.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.19.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.14.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.1:::::::* cpe:2.3:a:adobe:flash_player:7.0_r67::solaris::::: cpe:2.3:a:adobe:flash_player:7.0_r67:::::::* cpe:2.3:a:adobe:flash_player:7.0:::::::* cpe:2.3:a:adobe:flash_player:6.0.79:::::::* cpe:2.3:a:adobe:flash_player:6.0.21.0:::::::* cpe:2.3:a:adobe:flash_player:6:::::::* cpe:2.3:a:adobe:flash_player:5:::::::* cpe:2.3:a:adobe:flash_player:4:::::::* cpe:2.3:a:adobe:flash_player:3:::::::* cpe:2.3:a:adobe:flash_player:2:::::::* cpe:2.3:a:adobe:flash_player:mx_2004:::::::* cpe:2.3:a:adobe:flash_player:cs4::pro::::: cpe:2.3:a:adobe:flash_player:cs3::pro::::: cpe:2.3:a:adobe:flash_player:cs3::professional::::: cpe:2.3:a:adobe:flash_player:::::::: cpe:2.3:a:adobe:flash_player:::basic:::::* cpe:2.3:a:adobe:flash_player:::pro:::::* cpe:2.3:a:adobe:flash_player::::::edge::* cpe:2.3:a:adobe:flash_player::::::internet_explorer_11::* cpe:2.3:a:adobe:flash_player::::::chrome::* cpe:2.3:a:adobe:flash_player:-:::::::*	99
Application	Macromedia Flash Player cpe:2.3:a:macromedia:flash_player:5.0.58.0:::::::* cpe:2.3:a:macromedia:flash_player:5.0.42.0:::::::* cpe:2.3:a:macromedia:flash_player:5.0.41.0:::::::* cpe:2.3:a:macromedia:flash_player:5.0.30.0:::::::* cpe:2.3:a:macromedia:flash_player:5.0:::::::*	5
Os	Opensuse cpe:2.3:o:opensuse:opensuse:11.2:::::::* cpe:2.3:o:opensuse:opensuse:11.1:::::::* cpe:2.3:o:opensuse:opensuse:11.0:::::::* cpe:2.3:o:opensuse:opensuse:10.3:::::::* cpe:2.3:o:opensuse:opensuse:10.2:::::::* cpe:2.3:o:opensuse:opensuse:10.0:::::::*	6
Os	Suse Linux Enterprise cpe:2.3:o:suse:linux_enterprise:11.0:sp1:::::: cpe:2.3:o:suse:linux_enterprise:11.0:-:::::: cpe:2.3:o:suse:linux_enterprise:10.0:sp3::::::	3

SAINT Exploits

Description	Link
Adobe Reader authplay.dll newfunction Memory Corruption	More info here

ExploitDB Exploits

id	Description
2010-09-25	Adobe Flash Player "newfunction" Invalid Pointer Use
2010-09-20	Adobe Flash Player "newfunction" Invalid Pointer Use
2010-09-01	MOAUB #1 - Adobe Acrobat Reader and Flash Player
2010-06-09	Adobe Flash and Reader - 0day Exploit PoC (from the wild)

OpenVAS Exploits

Date	Description
2011-09-07	Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) File : nvt/gb_macosx_su10-007.nasl
2011-03-09	Name : Gentoo Security Advisory GLSA 201101-09 (adobe-flash) File : nvt/glsa_201101_09.nasl
2011-03-09	Name : Gentoo Security Advisory GLSA 201009-05 (acroread) File : nvt/glsa_201009_05.nasl
2010-09-10	Name : SuSE Update for acroread SUSE-SA:2010:037 File : nvt/gb_suse_2010_037.nasl
2010-08-21	Name : FreeBSD Ports: linux-flashplugin File : nvt/freebsd_linux-flashplugin9.nasl
2010-08-16	Name : SuSE Update for flash-player SUSE-SA:2010:034 File : nvt/gb_suse_2010_034.nasl
2010-07-12	Name : SuSE Update for acroread SUSE-SA:2010:029 File : nvt/gb_suse_2010_029.nasl
2010-07-06	Name : FreeBSD Ports: linux-flashplugin File : nvt/freebsd_linux-flashplugin8.nasl
2010-06-23	Name : SuSE Update for flash-player SUSE-SA:2010:024 File : nvt/gb_suse_2010_024.nasl
2010-06-22	Name : Adobe Flash Player/Air Multiple Vulnerabilities - June10 (Linux) File : nvt/secpod_adobe_prdts_mult_vuln_jun10_lin.nasl
2010-06-22	Name : Adobe Flash Player/Air Multiple Vulnerabilities - June10 (Win) File : nvt/secpod_adobe_prdts_mult_vuln_jun10_win.nasl
2010-06-15	Name : Adobe Products Remote Code Execution Vulnerability - jun10 (Win) File : nvt/gb_adobe_prdts_code_exec_vuln_win_jun10.nasl
2010-06-15	Name : Adobe Products Remote Code Execution Vulnerability - jun10 (Linux) File : nvt/gb_adobe_prdts_code_exec_vuln_lin_jun10.nasl
2010-02-19	Name : Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Win) File : nvt/gb_adobe_prdts_mult_vuln_feb10_win.nasl
2010-02-19	Name : Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Linux) File : nvt/gb_adobe_prdts_mult_vuln_feb10_lin.nasl
2010-02-18	Name : FreeBSD Ports: linux-flashplugin File : nvt/freebsd_linux-flashplugin7.nasl
2009-03-13	Name : Ubuntu USN-731-1 (apache2) File : nvt/ubuntu_731_1.nasl
2009-03-13	Name : Ubuntu USN-732-1 (dash) File : nvt/ubuntu_732_1.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
67058	Adobe Flash Player ActionScript connect Method Memory Corruption
66119	Adobe Flash Player ActionScript Virtual Machine newFrameState Method Remote O...
65599	Adobe Flash Player / AIR LocalConnection Connect Method Memory Corruption
65598	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2187)
65597	Adobe Flash Player / AIR Unspecified Application Crash DoS (2010-2186)
65596	Adobe Flash Player / AIR Unspecified Overflow (2010-2185)
65595	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2184)
65594	Adobe Flash Player / AIR Unspecified Overflow (2010-2183)
65593	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2182)
65592	Adobe Flash Player / AIR Unspecified Overflow (2010-2181)
65591	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2180)
65590	Adobe Flash Player / AIR Unspecified URL Parsing XSS (2010-2179)
65589	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2178)
65588	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2177)
65587	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2176)
65586	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2175)
65585	Adobe Flash Player / AIR newfunction Operator Processing Invalid Pointer Arbi...
65584	Adobe Flash Player / AIR newclass Operator Processing Invalid Pointer Arbitra...
65583	Adobe Flash Player on UNIX Unspecified DoS (2010-2172)
65582	Adobe Flash Player / AIR Multiple Tag JPEG Parsing Memory Corruption
65581	Adobe Flash Player / AIR Unspecified Overflow (2010-2170)
65580	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2169)
65579	Adobe Flash Player / AIR GIF/JPEG Processing Multiple Unspecified Overflows
65578	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2166)
65577	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2165)
65576	Adobe Flash Player / AIR Unspecified Function Image Type Use-after-free Arbit...
65575	Adobe Flash Player / AIR Multiple Unspecified Arbitrary Code Execution (2010-...
65574	Adobe Flash Player / AIR Atom MP4 Parsing Memory Corruption
65573	Adobe Flash Player / AIR Unspecified Code Type Array Index Arbitrary Code Exe...
65572	Adobe Flash Player / AIR ActionScript Virtual Machine 2 getouterscope Opcode ...
65532	Adobe Flash Player / AIR Unspecified Memory Consumption DoS (2009-3793)
65141	Adobe Multiple Products SWF Handling Arbitrary Code Execution
62370	Adobe Flash Player / AIR Crafted SWF File DoS
50073	Adobe Flash Player Differential SWF File Version Response DoS

Snort® IPS/IDS

Date	Description
2015-03-31	Adobe Flash Player decompressing denial of service attempt RuleID : 33635 - Revision : 2 - Type : FILE-FLASH
2015-03-31	Adobe Flash Player decompressing denial of service attempt RuleID : 33634 - Revision : 2 - Type : FILE-FLASH
2014-01-10	Adobe Flash Player newfunction memory corruption attempt RuleID : 28676 - Revision : 5 - Type : FILE-FLASH
2014-01-10	Adobe Flash Player newfunction memory corruption attempt RuleID : 28675 - Revision : 5 - Type : FILE-FLASH
2014-01-10	Adobe Flash Player newfunction memory corruption attempt RuleID : 28674 - Revision : 5 - Type : FILE-FLASH
2014-01-10	Adobe Flash Player newfunction memory corruption attempt RuleID : 28673 - Revision : 5 - Type : FILE-FLASH
2014-01-10	Teletubbies exploit kit payload download RuleID : 27886 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Teletubbies exploit kit exploit attempt for Adobe Flash Player RuleID : 27881 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Adobe Flash Player newfunction memory corruption exploit attempt RuleID : 23592 - Revision : 7 - Type : FILE-FLASH
2014-01-10	Adobe Flash Player newfunction memory corruption attempt RuleID : 23591 - Revision : 7 - Type : FILE-FLASH
2014-01-10	Adobe Flash use-after-free attack attempt RuleID : 23579 - Revision : 6 - Type : FILE-FLASH
2014-01-10	Adobe flash player newfunction memory corruption attempt RuleID : 23512 - Revision : 5 - Type : FILE-PDF
2014-01-10	Adobe Acrobat Reader authplay.dll vulnerability exploit attempt RuleID : 23511 - Revision : 7 - Type : FILE-PDF
2014-01-10	Adobe Acrobat Reader File containing Flash use-after-free attack attempt RuleID : 23510 - Revision : 7 - Type : FILE-PDF
2014-01-10	Adobe Acrobat Reader malformed Richmedia annotation exploit attempt RuleID : 23509 - Revision : 5 - Type : FILE-PDF
2014-01-10	Adobe Flash Player newfunction memory corruption attempt RuleID : 23265 - Revision : 11 - Type : FILE-FLASH
2014-01-10	Adobe Flash Player newfunction memory corruption attempt RuleID : 23264 - Revision : 10 - Type : FILE-FLASH
2014-01-10	Adobe flash player newfunction memory corruption attempt RuleID : 23263 - Revision : 9 - Type : FILE-PDF
2014-01-10	Phoenix exploit kit post-compromise behavior RuleID : 21860 - Revision : 5 - Type : MALWARE-CNC
2014-01-10	Phoenix exploit kit landing page RuleID : 21640 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	ShockwaveFlash.ShockwaveFlash ActiveX clsid access RuleID : 20875 - Revision : 7 - Type : BROWSER-PLUGINS
2014-01-10	Adobe Flash Player memory consumption vulnerability RuleID : 20050 - Revision : 12 - Type : FILE-FLASH
2014-01-10	Adobe Flash Player newfunction memory corruption exploit attempt RuleID : 19408 - Revision : 12 - Type : FILE-FLASH
2014-01-10	Adobe Flash Player SWF file MP4 data parsing memory corruption attempt RuleID : 19148 - Revision : 15 - Type : FILE-MULTIMEDIA
2014-01-10	Adobe Flash Player newfunction memory corruption attempt RuleID : 19145 - Revision : 13 - Type : FILE-FLASH
2014-01-10	Adobe Acrobat Reader authplay.dll vulnerability exploit attempt RuleID : 16664 - Revision : 12 - Type : FILE-PDF
2014-01-10	Adobe Flash use-after-free attack attempt RuleID : 16634 - Revision : 16 - Type : FILE-FLASH
2014-01-10	Adobe Acrobat Reader File containing Flash use-after-free attack attempt RuleID : 16633 - Revision : 19 - Type : FILE-PDF
2014-01-10	Adobe Acrobat Reader malformed Richmedia annotation exploit attempt RuleID : 16545 - Revision : 21 - Type : FILE-PDF

Nessus® Vulnerability Scanner

Date	Description
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_3_flash-player-100811.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_3_acroread-100826.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0470.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0464.nasl - Type : ACT_GATHER_INFO
2013-01-24	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2010-0102.nasl - Type : ACT_GATHER_INFO
2011-01-27	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_flash-player-7071.nasl - Type : ACT_GATHER_INFO
2011-01-27	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_flash-player-6845.nasl - Type : ACT_GATHER_INFO
2011-01-27	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_flash-player-6844.nasl - Type : ACT_GATHER_INFO
2011-01-27	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread_ja-7132.nasl - Type : ACT_GATHER_INFO
2011-01-27	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread_ja-7086.nasl - Type : ACT_GATHER_INFO
2011-01-27	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread-7131.nasl - Type : ACT_GATHER_INFO
2011-01-27	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_acroread-7087.nasl - Type : ACT_GATHER_INFO
2011-01-24	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201101-09.nasl - Type : ACT_GATHER_INFO
2010-12-02	Name : The remote SuSE 11 host is missing a security update. File : suse_11_acroread_ja-100825.nasl - Type : ACT_GATHER_INFO
2010-12-02	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_acroread-100702.nasl - Type : ACT_GATHER_INFO
2010-12-02	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_acroread-100825.nasl - Type : ACT_GATHER_INFO
2010-12-02	Name : The remote SuSE 11 host is missing a security update. File : suse_11_acroread_ja-100702.nasl - Type : ACT_GATHER_INFO
2010-12-02	Name : The remote SuSE 11 host is missing a security update. File : suse_11_flash-player-100611.nasl - Type : ACT_GATHER_INFO
2010-12-02	Name : The remote SuSE 11 host is missing a security update. File : suse_11_flash-player-100811.nasl - Type : ACT_GATHER_INFO
2010-11-10	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_5.nasl - Type : ACT_GATHER_INFO
2010-11-10	Name : The remote host is missing a Mac OS X update that fixes security issues. File : macosx_SecUpd2010-007.nasl - Type : ACT_GATHER_INFO
2010-09-08	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201009-05.nasl - Type : ACT_GATHER_INFO
2010-09-02	Name : The remote openSUSE host is missing a security update. File : suse_11_2_acroread-100826.nasl - Type : ACT_GATHER_INFO
2010-09-02	Name : The remote openSUSE host is missing a security update. File : suse_11_1_acroread-100826.nasl - Type : ACT_GATHER_INFO
2010-08-19	Name : The version of Adobe Acrobat on the remote Windows host is affected by multip... File : adobe_acrobat_apsb10-17.nasl - Type : ACT_GATHER_INFO
2010-08-19	Name : The version of Adobe Reader on the remote Windows host is affected by multipl... File : adobe_reader_apsb10-17.nasl - Type : ACT_GATHER_INFO
2010-08-14	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_e19e74a4a71211dfb234001b2134ef46.nasl - Type : ACT_GATHER_INFO
2010-08-13	Name : The remote openSUSE host is missing a security update. File : suse_11_1_flash-player-100811.nasl - Type : ACT_GATHER_INFO
2010-08-13	Name : The remote openSUSE host is missing a security update. File : suse_11_2_flash-player-100811.nasl - Type : ACT_GATHER_INFO
2010-08-11	Name : The remote Windows host contains a version of Adobe AIR that is affected by m... File : adobe_air_apsb10-16.nasl - Type : ACT_GATHER_INFO
2010-08-11	Name : The remote Windows host contains a browser plug-in that is affected by multip... File : flash_player_apsb10-16.nasl - Type : ACT_GATHER_INFO
2010-07-28	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2010-0503.nasl - Type : ACT_GATHER_INFO
2010-07-09	Name : The remote openSUSE host is missing a security update. File : suse_11_1_acroread-100708.nasl - Type : ACT_GATHER_INFO
2010-07-09	Name : The remote openSUSE host is missing a security update. File : suse_11_2_acroread-100706.nasl - Type : ACT_GATHER_INFO
2010-07-09	Name : The remote openSUSE host is missing a security update. File : suse_11_0_acroread-100708.nasl - Type : ACT_GATHER_INFO
2010-06-30	Name : The version of Adobe Acrobat on the remote Windows host is affected by multip... File : adobe_acrobat_apsb10-15.nasl - Type : ACT_GATHER_INFO
2010-06-30	Name : The version of Adobe Reader on the remote Windows host is affected by multipl... File : adobe_reader_apsb10-15.nasl - Type : ACT_GATHER_INFO
2010-06-16	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_144e524a77eb11dfae06001b2134ef46.nasl - Type : ACT_GATHER_INFO
2010-06-15	Name : The remote host is missing a Mac OS X update that fixes a security issue. File : macosx_SecUpd2010-004.nasl - Type : ACT_GATHER_INFO
2010-06-15	Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_6_4.nasl - Type : ACT_GATHER_INFO
2010-06-14	Name : The remote openSUSE host is missing a security update. File : suse_11_0_flash-player-100611.nasl - Type : ACT_GATHER_INFO
2010-06-14	Name : The remote openSUSE host is missing a security update. File : suse_11_2_flash-player-100611.nasl - Type : ACT_GATHER_INFO
2010-06-14	Name : The remote openSUSE host is missing a security update. File : suse_11_1_flash-player-100611.nasl - Type : ACT_GATHER_INFO
2010-06-10	Name : The remote Windows host contains a browser plug-in that is affected by a code... File : flash_player_apsb10-14.nasl - Type : ACT_GATHER_INFO
2010-06-10	Name : The remote Windows host contains a version of Adobe AIR that is affected by m... File : adobe_air_apsb10-14.nasl - Type : ACT_GATHER_INFO
2010-02-17	Name : The remote SuSE 11 host is missing a security update. File : suse_11_flash-player-100214.nasl - Type : ACT_GATHER_INFO
2010-02-17	Name : The remote openSUSE host is missing a security update. File : suse_11_2_flash-player-100214.nasl - Type : ACT_GATHER_INFO
2010-02-17	Name : The remote openSUSE host is missing a security update. File : suse_11_1_flash-player-100214.nasl - Type : ACT_GATHER_INFO
2010-02-17	Name : The remote openSUSE host is missing a security update. File : suse_11_0_flash-player-100214.nasl - Type : ACT_GATHER_INFO
2010-02-15	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_ff6519ad18e511df9bdd001b2134ef46.nasl - Type : ACT_GATHER_INFO
2010-02-12	Name : The remote Windows host contains a browser plug-in that is affected by multip... File : flash_player_apsb10_06.nasl - Type : ACT_GATHER_INFO
2010-02-12	Name : The remote Windows host contains a version of Adobe AIR that is affected by m... File : adobe_air_apsb10-06.nasl - Type : ACT_GATHER_INFO
2009-07-21	Name : The remote openSUSE host is missing a security update. File : suse_11_0_flash-player-081107.nasl - Type : ACT_GATHER_INFO
2008-11-12	Name : The remote openSUSE host is missing a security update. File : suse_flash-player-5747.nasl - Type : ACT_GATHER_INFO
2008-11-12	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_flash-player-5757.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:53:33	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	31
Oval ID(s)	65
CPE ID(s)	138
Saint Exploit(s)	1
osvdb(s)	34
ExploitDB Exploit(s)	4
Openvas Exploit(s)	18
Snort® Rule(s)	29
Nessus® Exploit(s)	55

	Related
9.3	CVE-2010-2188
9.3	CVE-2010-2187
9.3	CVE-2010-2186
9.3	CVE-2010-2185
9.3	CVE-2010-2184
9.3	CVE-2010-2183
9.3	CVE-2010-2182
9.3	CVE-2010-2181
9.3	CVE-2010-2180
9.3	CVE-2010-2178
9.3	CVE-2010-2177
9.3	CVE-2010-2176
9.3	CVE-2010-2175
9.3	CVE-2010-2174
9.3	CVE-2010-2173
9.3	CVE-2010-2171
9.3	CVE-2010-2170
9.3	CVE-2010-2169
9.3	CVE-2010-2167
9.3	CVE-2010-2166
9.3	CVE-2010-2165
9.3	CVE-2010-2164
9.3	CVE-2010-2163
9.3	CVE-2010-2162
9.3	CVE-2010-2161
9.3	CVE-2010-2160
9.3	CVE-2009-3793
7.8	CVE-2010-1297
4.3	CVE-2010-2179
4.3	CVE-2010-2172
4.3	CVE-2010-0187
4.3	CVE-2008-4546
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 32 more Alert(s)