CVE-2010-3975 — Adobe Flash Player vulnerability

2 documents2 sources

Severity

9.3CRITICALNVD

EPSS

6.1%

top 9.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Flash Player

Timeline

PublishedOct 19

Latest updateMay 14

Description

Untrusted search path vulnerability in Adobe Flash Player 9 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse schannel.dll that is located in the same folder as a file that is processed by Flash.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDadobe/flash_player9.0

🔴Vulnerability Details

GHSA

GHSA-6hc8-r2j3-8r4p: Untrusted search path vulnerability in Adobe Flash Player 9 allows local users, and possibly remote attackers, to execute arbitrary code and conduct D↗2022-05-14

▶