CVE-2010-0209

CWE-94Code Injection10 documents6 sources
Severity
9.3CRITICAL
EPSS
1.3%
top 20.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Adobe Flash PlayerAdobe Adobe AIRAdobe Flash Player FOR Linux
Timeline
PublishedAug 11
Latest updateMay 2

Description

Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2213, CVE-2010-2214, and CVE-2010-2216.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDadobe/flash_player10.1.53.64+46
NVDadobe/adobe_air6 versions+5

🔴Vulnerability Details

2
GHSA
GHSA-cc4q-35f8-jwmg: Adobe Flash Player before 92022-05-02
CVEList
CVE-2010-0209: Adobe Flash Player before 92010-08-11

💥Exploits & PoCs

2
Exploit-DB
Microsoft Windows - NTLM Weak Nonce (MS10-012)2010-10-17
Exploit-DB
Solaris - ypupdated Command Execution (Metasploit)2010-07-25

📋Vendor Advisories

4
Red Hat
flash-plugin: multiple security flaws (APSB10-16)2010-08-10
Red Hat
flash-plugin: multiple security flaws (APSB10-16)2010-08-10
Red Hat
flash-plugin: multiple security flaws (APSB10-16)2010-08-10
Red Hat
flash-plugin: multiple security flaws (APSB10-16)2010-08-10

💬Community

1
Bugzilla
CVE-2010-0209 CVE-2010-2213 CVE-2010-2214 CVE-2010-2215 CVE-2010-2216 flash-plugin: multiple security flaws (APSB10-16)2010-08-10
CVE-2010-0209 (CRITICAL CVSS 9.3) | Adobe Flash Player before 9.0.280 a | cvebase.io