CVE-2010-2169Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe AIR

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents5 sources
Severity
9.3CRITICALNVD
EPSS
0.5%
top 34.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Adobe AIRAdobe Flash PlayerMacromedia Flash Player
Timeline
PublishedJun 15
Latest updateMay 14

Description

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allow attackers to cause a denial of service (pointer memory corruption) or possibly execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

NVDadobe/flash_player10.0.45.2+54
NVDadobe/air1.5.3.9130+6
NVDmacromedia/flash_player5 versions+4

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

2
GHSA
GHSA-9xj4-w6g9-mg72: Adobe Flash Player before 92022-05-14
CVEList
CVE-2010-2169: Adobe Flash Player before 92010-06-15

📋Vendor Advisories

1
Red Hat
flash-plugin: multiple security flaws (APSB10-14)2010-06-10

💬Community

1
Bugzilla
flash-plugin: multiple security flaws (APSB10-14)2010-06-10
CVE-2010-2169 — Adobe AIR vulnerability | cvebase