CVE-2010-0987
published 2010-05-13CVE-2010-0987: Heap-based buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allow remote attackers to execute arbitrary code via crafted embedded fonts in a…
PriorityP345high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EPSS
11.36%
95.4th percentile
Heap-based buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allow remote attackers to execute arbitrary code via crafted embedded fonts in a Shockwave file.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | shockwave_player | < 11.5.7.609 | 11.5.7.609 |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2010-3560 JDK unspecified vulnerability in Networking component
bugzilla·2010-10-13·CVSS 2.6
CVE-2010-3560 [LOW] CVE-2010-3560 JDK unspecified vulnerability in Networking component
CVE-2010-3560 JDK unspecified vulnerability in Networking component
Update 22 of Oracle/Sun Java fixes an unspecified vulnerability in the Networking component (CVE-2010-3560). The CVSSv2 scored upstream is
cvss2=2.6/AV:N/AC:H/Au:N/C:P/I:N/A:N
Reference:
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
Discussion:
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2010:0770 https://rhn.redhat.com/errata/RHSA-2010-0770.html
---
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Extras for Red Hat Enterprise Linux 6
Via RHSA-2010:0987 https://rhn.redhat.com/errata/RHSA-2010-0987.html
---
This issue has been addressed in following
Bugzilla
CVE-2010-3563 OpenJDK: unspecified vulnerability in Deployment component
bugzilla·2010-10-13·CVSS 10.0
CVE-2010-3563 [CRITICAL] CVE-2010-3563 OpenJDK: unspecified vulnerability in Deployment component
CVE-2010-3563 OpenJDK: unspecified vulnerability in Deployment component
Update 22 of Oracle/Sun Java fixes an unspecified vulnerability in the Deployment component (CVE-2010-3563). The CVSSv2 scored upstream is
cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P
Reference:
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
Discussion:
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2010:0770 https://rhn.redhat.com/errata/RHSA-2010-0770.html
---
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Extras for Red Hat Enterprise Linux 6
Via RHSA-2010:0987 https://rhn.redhat.com/errata/RHSA-2010-0987.html
---
This issue has been addressed in foll
Bugzilla
CVE-2010-3558 JDK unspecified vulnerability in Java Web Start component
bugzilla·2010-10-13·CVSS 10.0
CVE-2010-3558 [CRITICAL] CVE-2010-3558 JDK unspecified vulnerability in Java Web Start component
CVE-2010-3558 JDK unspecified vulnerability in Java Web Start component
Update 22 of Oracle/Sun Java fixes an unspecified vulnerability in the Java Web Start component (CVE-2010-3558). The CVSSv2 scored upstream is
cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P
Reference:
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
Discussion:
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2010:0770 https://rhn.redhat.com/errata/RHSA-2010-0770.html
---
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Extras for Red Hat Enterprise Linux 6
Via RHSA-2010:0987 https://rhn.redhat.com/errata/RHSA-2010-0987.html
---
This issue has been addressed in f
Bugzilla
CVE-2010-3555 JDK unspecified vulnerability in Deployment component
bugzilla·2010-10-13·CVSS 9.3
CVE-2010-3555 [CRITICAL] CVE-2010-3555 JDK unspecified vulnerability in Deployment component
CVE-2010-3555 JDK unspecified vulnerability in Deployment component
Update 22 of Oracle/Sun Java fixes an unspecified vulnerability in the Deployment component (CVE-2010-3555). The CVSSv2 scored upstream is
cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P
Reference:
http://www.oracle.com/technetwork/topics/security/javacpuoct2010-176258.html
Discussion:
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Via RHSA-2010:0770 https://rhn.redhat.com/errata/RHSA-2010-0770.html
---
This issue has been addressed in following products:
Extras for RHEL 4
Extras for Red Hat Enterprise Linux 5
Extras for Red Hat Enterprise Linux 6
Via RHSA-2010:0987 https://rhn.redhat.com/errata/RHSA-2010-0987.html
---
This issue has been addressed in following
http://secunia.com/advisories/38751http://secunia.com/secunia_research/2010-50/http://www.adobe.com/support/security/bulletins/apsb10-12.htmlhttp://www.securityfocus.com/archive/1/511265/100/0/threadedhttp://www.securityfocus.com/bid/40093http://www.vupen.com/english/advisories/2010/1128https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7052http://secunia.com/advisories/38751http://secunia.com/secunia_research/2010-50/http://www.adobe.com/support/security/bulletins/apsb10-12.htmlhttp://www.securityfocus.com/archive/1/511265/100/0/threadedhttp://www.securityfocus.com/bid/40093http://www.vupen.com/english/advisories/2010/1128https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7052
2010-05-13
Published