CVE-2010-2170Adobe AIR vulnerability

CWE-18913 documents5 sources
Severity
9.3CRITICALNVD
EPSS
1.6%
top 18.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Adobe AIRAdobe Flash PlayerMacromedia Flash Player
Timeline
PublishedJun 15
Latest updateMay 14

Description

Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2181 and CVE-2010-2183.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

NVDadobe/flash_player10.0.45.2+54
NVDadobe/air1.5.3.9130+6
NVDmacromedia/flash_player5 versions+4

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

6
GHSA
GHSA-vm96-4qrg-6r96: Integer overflow in Adobe Flash Player before 92022-05-14
GHSA
GHSA-whpq-x3wf-fq4q: Integer overflow in Adobe Flash Player before 92022-05-14
GHSA
GHSA-8xwf-9fxw-xh59: Integer overflow in Adobe Flash Player before 92022-05-14
CVEList
CVE-2010-2183: Integer overflow in Adobe Flash Player before 92010-06-15
CVEList
CVE-2010-2170: Integer overflow in Adobe Flash Player before 92010-06-15

📋Vendor Advisories

3
Red Hat
flash-plugin: multiple security flaws (APSB10-14)2010-06-10
Red Hat
flash-plugin: multiple security flaws (APSB10-14)2010-06-10
Red Hat
flash-plugin: multiple security flaws (APSB10-14)2010-06-10

💬Community

1
Bugzilla
flash-plugin: multiple security flaws (APSB10-14)2010-06-10
CVE-2010-2170 — Adobe AIR vulnerability | cvebase