CVE-2010-2185Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe AIR

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents5 sources
Severity
9.3CRITICALNVD
EPSS
1.2%
top 21.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Adobe AIRAdobe Flash PlayerMacromedia Flash Player
Timeline
PublishedJun 15
Latest updateMay 14

Description

Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

NVDadobe/flash_player10.0.45.2+54
NVDadobe/air1.5.3.9130+6
NVDmacromedia/flash_player5 versions+4

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

2
GHSA
GHSA-9qf3-m5jr-899m: Buffer overflow in Adobe Flash Player before 92022-05-14
CVEList
CVE-2010-2185: Buffer overflow in Adobe Flash Player before 92010-06-15

📋Vendor Advisories

1
Red Hat
flash-plugin: multiple security flaws (APSB10-14)2010-06-10

💬Community

1
Bugzilla
flash-plugin: multiple security flaws (APSB10-14)2010-06-10
CVE-2010-2185 — Adobe AIR vulnerability | cvebase