CVE-2010-2216

CWE-94 — Code Injection9 documents5 sources

Severity

9.3CRITICAL

EPSS

1.3%

top 20.58%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Flash Player Adobe Adobe AIR Adobe Flash Player FOR Linux

Timeline

PublishedAug 11

Latest updateMay 14

Description

Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2214.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

▶NVDadobe/flash_player10.1.53.64+46

▶NVDadobe/adobe_air6 versions+5

🔴Vulnerability Details

GHSA

GHSA-248p-gq7w-24rp: Adobe Flash Player before 9↗2022-05-14

▶

CVEList

CVE-2010-2216: Adobe Flash Player before 9↗2010-08-11

▶

📋Vendor Advisories

Red Hat

flash-plugin: multiple security flaws (APSB10-16)↗2010-08-10

▶

Red Hat

flash-plugin: multiple security flaws (APSB10-16)↗2010-08-10

▶

Red Hat

flash-plugin: multiple security flaws (APSB10-16)↗2010-08-10

▶

Red Hat

flash-plugin: multiple security flaws (APSB10-16)↗2010-08-10

▶

💬Community

Bugzilla

CVE-2010-0209 CVE-2010-2213 CVE-2010-2214 CVE-2010-2215 CVE-2010-2216 flash-plugin: multiple security flaws (APSB10-16)↗2010-08-10

▶

Bugzilla

CVE-2010-2483 libtiff: out-of-bounds read crash on images with invalid SamplesPerPixel values↗2010-07-06

▶