CVE-2010-2217

CWE-94 — Code Injection3 documents3 sources

Severity

10.0CRITICAL

EPSS

6.0%

top 9.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Flash Media Server Adobe Flash Media Server 2

Timeline

PublishedAug 11

Latest updateMay 17

Description

Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to execute arbitrary code via unspecified vectors, related to a "JS method vulnerability."

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDadobe/flash_media_server3.0.5+15

▶NVDadobe/flash_media2.0.4

Patches

Patch: www.adobe.com ↗Patch: www.adobe.com ↗

🔴Vulnerability Details

GHSA

GHSA-qvjv-vp7f-48ch: Adobe Flash Media Server (FMS) before 3↗2022-05-17

▶

CVEList

CVE-2010-2217: Adobe Flash Media Server (FMS) before 3↗2010-08-11

▶