Vulnerability-Lookup

CVE-2010-3654 (GCVE-0-2010-3654)

Vulnerability from cvelistv5 – Published: 2010-10-29 18:00 – Updated: 2024-08-07 03:18

Summary

Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.

Severity ?

No CVSS data available.

CWE

Assigner

adobe

References

URL

Tags

	http://www.vupen.com/english/advisories/2011/0192	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/42183	third-party-advisoryx_refsource_SECUNIA
	http://contagiodump.blogspot.com/2010/10/potentia…	x_refsource_MISC
	http://support.apple.com/kb/HT4435	x_refsource_CONFIRM
	http://secunia.com/advisories/42030	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2011/0191	vdb-entryx_refsource_VUPEN
	http://blogs.sun.com/security/entry/multiple_vuln…	x_refsource_CONFIRM
	http://secunia.com/advisories/43025	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2011/0344	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/43026	third-party-advisoryx_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-201101-09.xml	vendor-advisoryx_refsource_GENTOO
	http://www.vupen.com/english/advisories/2010/2918	vdb-entryx_refsource_VUPEN
	http://www.vupen.com/english/advisories/2010/3111	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/41917	third-party-advisoryx_refsource_SECUNIA
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://security.gentoo.org/glsa/glsa-201101-08.xml	vendor-advisoryx_refsource_GENTOO
	http://www.redhat.com/support/errata/RHSA-2010-08…	vendor-advisoryx_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.securitytracker.com/id?1024660	vdb-entryx_refsource_SECTRACK
	http://secunia.com/advisories/42926	third-party-advisoryx_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2010-09…	vendor-advisoryx_refsource_REDHAT
	http://www.vupen.com/english/advisories/2010/2903	vdb-entryx_refsource_VUPEN
	http://www.vupen.com/english/advisories/2011/0173	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/42401	third-party-advisoryx_refsource_SECUNIA
	http://www.adobe.com/support/security/bulletins/a…	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/298081	third-party-advisoryx_refsource_CERT-VN
	http://www.securitytracker.com/id?1024659	vdb-entryx_refsource_SECTRACK
	http://www.turbolinux.co.jp/security/2011/TLSA-20…	vendor-advisoryx_refsource_TURBO
	http://www.securityfocus.com/bid/44504	vdb-entryx_refsource_BID
	http://www.adobe.com/support/security/advisories/…	x_refsource_CONFIRM
	http://www.adobe.com/support/security/bulletins/a…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://securityreason.com/securityalert/8210	third-party-advisoryx_refsource_SREASON
	http://www.vupen.com/english/advisories/2010/2906	vdb-entryx_refsource_VUPEN
	http://www.redhat.com/support/errata/RHSA-2010-08…	vendor-advisoryx_refsource_REDHAT
	http://www.redhat.com/support/errata/RHSA-2010-08…	vendor-advisoryx_refsource_REDHAT
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:18:52.940Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2011-0192",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0192"
          },
          {
            "name": "42183",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42183"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4435"
          },
          {
            "name": "42030",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42030"
          },
          {
            "name": "ADV-2011-0191",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0191"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
          },
          {
            "name": "43025",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43025"
          },
          {
            "name": "ADV-2011-0344",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0344"
          },
          {
            "name": "43026",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43026"
          },
          {
            "name": "GLSA-201101-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
          },
          {
            "name": "ADV-2010-2918",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2918"
          },
          {
            "name": "ADV-2010-3111",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3111"
          },
          {
            "name": "41917",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41917"
          },
          {
            "name": "APPLE-SA-2010-11-10-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
          },
          {
            "name": "GLSA-201101-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
          },
          {
            "name": "RHSA-2010:0834",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html"
          },
          {
            "name": "SUSE-SA:2010:055",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
          },
          {
            "name": "1024660",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1024660"
          },
          {
            "name": "42926",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42926"
          },
          {
            "name": "RHSA-2010:0934",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
          },
          {
            "name": "ADV-2010-2903",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2903"
          },
          {
            "name": "ADV-2011-0173",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0173"
          },
          {
            "name": "42401",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42401"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
          },
          {
            "name": "VU#298081",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/298081"
          },
          {
            "name": "1024659",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1024659"
          },
          {
            "name": "TLSA-2011-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_TURBO",
              "x_transferred"
            ],
            "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt"
          },
          {
            "name": "44504",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/44504"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.adobe.com/support/security/advisories/apsa10-05.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
          },
          {
            "name": "SUSE-SA:2010:058",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
          },
          {
            "name": "8210",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8210"
          },
          {
            "name": "ADV-2010-2906",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2906"
          },
          {
            "name": "RHSA-2010:0867",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html"
          },
          {
            "name": "RHSA-2010:0829",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html"
          },
          {
            "name": "oval:org.mitre.oval:def:13294",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13294"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-10-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01.000Z",
        "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "shortName": "adobe"
      },
      "references": [
        {
          "name": "ADV-2011-0192",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0192"
        },
        {
          "name": "42183",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42183"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4435"
        },
        {
          "name": "42030",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42030"
        },
        {
          "name": "ADV-2011-0191",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0191"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
        },
        {
          "name": "43025",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43025"
        },
        {
          "name": "ADV-2011-0344",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0344"
        },
        {
          "name": "43026",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43026"
        },
        {
          "name": "GLSA-201101-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
        },
        {
          "name": "ADV-2010-2918",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2918"
        },
        {
          "name": "ADV-2010-3111",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3111"
        },
        {
          "name": "41917",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41917"
        },
        {
          "name": "APPLE-SA-2010-11-10-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
        },
        {
          "name": "GLSA-201101-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
        },
        {
          "name": "RHSA-2010:0834",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html"
        },
        {
          "name": "SUSE-SA:2010:055",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
        },
        {
          "name": "1024660",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1024660"
        },
        {
          "name": "42926",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42926"
        },
        {
          "name": "RHSA-2010:0934",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
        },
        {
          "name": "ADV-2010-2903",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2903"
        },
        {
          "name": "ADV-2011-0173",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0173"
        },
        {
          "name": "42401",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42401"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
        },
        {
          "name": "VU#298081",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/298081"
        },
        {
          "name": "1024659",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1024659"
        },
        {
          "name": "TLSA-2011-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_TURBO"
          ],
          "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt"
        },
        {
          "name": "44504",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/44504"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.adobe.com/support/security/advisories/apsa10-05.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
        },
        {
          "name": "SUSE-SA:2010:058",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
        },
        {
          "name": "8210",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8210"
        },
        {
          "name": "ADV-2010-2906",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2906"
        },
        {
          "name": "RHSA-2010:0867",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html"
        },
        {
          "name": "RHSA-2010:0829",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html"
        },
        {
          "name": "oval:org.mitre.oval:def:13294",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13294"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@adobe.com",
          "ID": "CVE-2010-3654",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2011-0192",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0192"
            },
            {
              "name": "42183",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42183"
            },
            {
              "name": "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html",
              "refsource": "MISC",
              "url": "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4435",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4435"
            },
            {
              "name": "42030",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42030"
            },
            {
              "name": "ADV-2011-0191",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0191"
            },
            {
              "name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1",
              "refsource": "CONFIRM",
              "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
            },
            {
              "name": "43025",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43025"
            },
            {
              "name": "ADV-2011-0344",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0344"
            },
            {
              "name": "43026",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43026"
            },
            {
              "name": "GLSA-201101-09",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
            },
            {
              "name": "ADV-2010-2918",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/2918"
            },
            {
              "name": "ADV-2010-3111",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/3111"
            },
            {
              "name": "41917",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/41917"
            },
            {
              "name": "APPLE-SA-2010-11-10-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
            },
            {
              "name": "GLSA-201101-08",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
            },
            {
              "name": "RHSA-2010:0834",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html"
            },
            {
              "name": "SUSE-SA:2010:055",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
            },
            {
              "name": "1024660",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1024660"
            },
            {
              "name": "42926",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42926"
            },
            {
              "name": "RHSA-2010:0934",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
            },
            {
              "name": "ADV-2010-2903",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/2903"
            },
            {
              "name": "ADV-2011-0173",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0173"
            },
            {
              "name": "42401",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42401"
            },
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb10-26.html",
              "refsource": "CONFIRM",
              "url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
            },
            {
              "name": "VU#298081",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/298081"
            },
            {
              "name": "1024659",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1024659"
            },
            {
              "name": "TLSA-2011-2",
              "refsource": "TURBO",
              "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt"
            },
            {
              "name": "44504",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/44504"
            },
            {
              "name": "http://www.adobe.com/support/security/advisories/apsa10-05.html",
              "refsource": "CONFIRM",
              "url": "http://www.adobe.com/support/security/advisories/apsa10-05.html"
            },
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb10-28.html",
              "refsource": "CONFIRM",
              "url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
            },
            {
              "name": "SUSE-SA:2010:058",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
            },
            {
              "name": "8210",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/8210"
            },
            {
              "name": "ADV-2010-2906",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/2906"
            },
            {
              "name": "RHSA-2010:0867",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html"
            },
            {
              "name": "RHSA-2010:0829",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html"
            },
            {
              "name": "oval:org.mitre.oval:def:13294",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13294"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
    "assignerShortName": "adobe",
    "cveId": "CVE-2010-3654",
    "datePublished": "2010-10-29T18:00:00.000Z",
    "dateReserved": "2010-09-28T00:00:00.000Z",
    "dateUpdated": "2024-08-07T03:18:52.940Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2010-AVI-548

Vulnerability from certfr_avis - Published: 2010-11-12 - Updated: 2010-11-12

De nombreuses vulnérabilités ont été découvertes dans le système d'exploitation Mac OS X. Leur exploitation permet, entre autres, l'exécution de code arbitraire à distance.

Description

De multiples vulnérabilités ont été corrigées dans différents composants du système d'exploitation Mac OS X. Notamment :

AFP Server ;
AppKit ;
ATS ;
CFNetwork ;
CoreGraphics ;
CoreText ;
Directory Services ;
diskdev_cmds ;
Disk Images ;
Image Capture ;
ImageIO ;
Image RAW ;
Kernel ;
Networking ;
Password Server ;
Printing ;
QuickLook ;
QuickTime ;
Safari ;
Time Machine ;
Wiki Server ;
xar.

Cette mise à jour corrige également un grand nombre de vulnérabilités dans des logiciels inclus au système d'exploitation comme Apache, CUPS, Flash Player, gzip, MySQL, OpenLDAP, OpenSSL, PHP, python, X11.

Parmi les failles corrigées, certaines permettent l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Mac OS X Server 10.6.0 à 10.6.4.
N/A	N/A	Mac OS X 10.5.8 ;
N/A	N/A	Mac OS X 10.6.0 à 10.6.4 ;
N/A	N/A	Mac OS X Server 10.5.8 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple 2010-007 du 11 novembre 2010

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X Server 10.6.0 \u00e0 10.6.4.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X 10.5.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X 10.6.0 \u00e0 10.6.4 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server 10.5.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans diff\u00e9rents composants\ndu syst\u00e8me d\u0027exploitation Mac OS X. Notamment :\n\n-   AFP Server ;\n-   AppKit ;\n-   ATS ;\n-   CFNetwork ;\n-   CoreGraphics ;\n-   CoreText ;\n-   Directory Services ;\n-   diskdev_cmds ;\n-   Disk Images ;\n-   Image Capture ;\n-   ImageIO ;\n-   Image RAW ;\n-   Kernel ;\n-   Networking ;\n-   Password Server ;\n-   Printing ;\n-   QuickLook ;\n-   QuickTime ;\n-   Safari ;\n-   Time Machine ;\n-   Wiki Server ;\n-   xar.\n\nCette mise \u00e0 jour corrige \u00e9galement un grand nombre de vuln\u00e9rabilit\u00e9s\ndans des logiciels inclus au syst\u00e8me d\u0027exploitation comme Apache, CUPS,\nFlash Player, gzip, MySQL, OpenLDAP, OpenSSL, PHP, python, X11.\n\nParmi les failles corrig\u00e9es, certaines permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-3793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3793"
    },
    {
      "name": "CVE-2010-2167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2167"
    },
    {
      "name": "CVE-2010-2173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2173"
    },
    {
      "name": "CVE-2010-3783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3783"
    },
    {
      "name": "CVE-2010-2163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2163"
    },
    {
      "name": "CVE-2010-3642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3642"
    },
    {
      "name": "CVE-2009-4134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4134"
    },
    {
      "name": "CVE-2010-1803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1803"
    },
    {
      "name": "CVE-2010-3788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3788"
    },
    {
      "name": "CVE-2010-3638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3638"
    },
    {
      "name": "CVE-2010-1846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1846"
    },
    {
      "name": "CVE-2010-2484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2484"
    },
    {
      "name": "CVE-2010-3640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3640"
    },
    {
      "name": "CVE-2010-0434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0434"
    },
    {
      "name": "CVE-2010-1834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1834"
    },
    {
      "name": "CVE-2010-2499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2499"
    },
    {
      "name": "CVE-2010-2519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2519"
    },
    {
      "name": "CVE-2010-3646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3646"
    },
    {
      "name": "CVE-2010-0211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0211"
    },
    {
      "name": "CVE-2010-2531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2531"
    },
    {
      "name": "CVE-2010-2170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2170"
    },
    {
      "name": "CVE-2010-3784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3784"
    },
    {
      "name": "CVE-2010-1840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1840"
    },
    {
      "name": "CVE-2010-1845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1845"
    },
    {
      "name": "CVE-2010-3639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3639"
    },
    {
      "name": "CVE-2010-3654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3654"
    },
    {
      "name": "CVE-2010-0205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0205"
    },
    {
      "name": "CVE-2010-1752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1752"
    },
    {
      "name": "CVE-2010-2249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2249"
    },
    {
      "name": "CVE-2010-3643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3643"
    },
    {
      "name": "CVE-2010-1849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1849"
    },
    {
      "name": "CVE-2010-1842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1842"
    },
    {
      "name": "CVE-2010-2176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2176"
    },
    {
      "name": "CVE-2010-3650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3650"
    },
    {
      "name": "CVE-2010-1378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1378"
    },
    {
      "name": "CVE-2010-2497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2497"
    },
    {
      "name": "CVE-2010-3798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3798"
    },
    {
      "name": "CVE-2010-2162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2162"
    },
    {
      "name": "CVE-2009-2474",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2474"
    },
    {
      "name": "CVE-2010-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
    },
    {
      "name": "CVE-2010-2172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2172"
    },
    {
      "name": "CVE-2010-2181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2181"
    },
    {
      "name": "CVE-2010-3796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3796"
    },
    {
      "name": "CVE-2010-1850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1850"
    },
    {
      "name": "CVE-2010-3795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3795"
    },
    {
      "name": "CVE-2010-2160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2160"
    },
    {
      "name": "CVE-2010-3786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3786"
    },
    {
      "name": "CVE-2010-3644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3644"
    },
    {
      "name": "CVE-2010-2179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2179"
    },
    {
      "name": "CVE-2010-1831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1831"
    },
    {
      "name": "CVE-2010-3647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3647"
    },
    {
      "name": "CVE-2010-3790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3790"
    },
    {
      "name": "CVE-2010-2214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2214"
    },
    {
      "name": "CVE-2010-1450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1450"
    },
    {
      "name": "CVE-2010-0408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0408"
    },
    {
      "name": "CVE-2010-2165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2165"
    },
    {
      "name": "CVE-2010-2171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2171"
    },
    {
      "name": "CVE-2010-1844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1844"
    },
    {
      "name": "CVE-2010-2498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2498"
    },
    {
      "name": "CVE-2010-4010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4010"
    },
    {
      "name": "CVE-2010-3793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3793"
    },
    {
      "name": "CVE-2010-0209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0209"
    },
    {
      "name": "CVE-2010-2182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2182"
    },
    {
      "name": "CVE-2010-3649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3649"
    },
    {
      "name": "CVE-2010-1847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1847"
    },
    {
      "name": "CVE-2010-1841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1841"
    },
    {
      "name": "CVE-2010-2175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2175"
    },
    {
      "name": "CVE-2010-2180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2180"
    },
    {
      "name": "CVE-2010-1828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1828"
    },
    {
      "name": "CVE-2010-0397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0397"
    },
    {
      "name": "CVE-2010-2520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2520"
    },
    {
      "name": "CVE-2008-4546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4546"
    },
    {
      "name": "CVE-2010-1297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1297"
    },
    {
      "name": "CVE-2010-2941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2941"
    },
    {
      "name": "CVE-2010-2187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2187"
    },
    {
      "name": "CVE-2010-2164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2164"
    },
    {
      "name": "CVE-2010-2884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2884"
    },
    {
      "name": "CVE-2010-3636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3636"
    },
    {
      "name": "CVE-2010-1836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1836"
    },
    {
      "name": "CVE-2010-3794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3794"
    },
    {
      "name": "CVE-2010-2161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2161"
    },
    {
      "name": "CVE-2010-1843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1843"
    },
    {
      "name": "CVE-2010-2808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2808"
    },
    {
      "name": "CVE-2010-2215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2215"
    },
    {
      "name": "CVE-2010-2805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2805"
    },
    {
      "name": "CVE-2010-2178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2178"
    },
    {
      "name": "CVE-2010-3787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3787"
    },
    {
      "name": "CVE-2010-1832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1832"
    },
    {
      "name": "CVE-2009-0946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0946"
    },
    {
      "name": "CVE-2010-2177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2177"
    },
    {
      "name": "CVE-2009-2473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2473"
    },
    {
      "name": "CVE-2010-3053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3053"
    },
    {
      "name": "CVE-2010-3789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3789"
    },
    {
      "name": "CVE-2010-1829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1829"
    },
    {
      "name": "CVE-2010-2166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2166"
    },
    {
      "name": "CVE-2010-1848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1848"
    },
    {
      "name": "CVE-2010-3645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3645"
    },
    {
      "name": "CVE-2010-0212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0212"
    },
    {
      "name": "CVE-2010-3054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3054"
    },
    {
      "name": "CVE-2010-2184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2184"
    },
    {
      "name": "CVE-2010-3648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3648"
    },
    {
      "name": "CVE-2010-3791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3791"
    },
    {
      "name": "CVE-2010-1449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1449"
    },
    {
      "name": "CVE-2010-3976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3976"
    },
    {
      "name": "CVE-2010-3797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3797"
    },
    {
      "name": "CVE-2010-1830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1830"
    },
    {
      "name": "CVE-2010-3641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3641"
    },
    {
      "name": "CVE-2010-2189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2189"
    },
    {
      "name": "CVE-2010-3792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3792"
    },
    {
      "name": "CVE-2010-2216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2216"
    },
    {
      "name": "CVE-2010-2174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2174"
    },
    {
      "name": "CVE-2010-2169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2169"
    },
    {
      "name": "CVE-2010-1837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1837"
    },
    {
      "name": "CVE-2010-2806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2806"
    },
    {
      "name": "CVE-2009-2624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2624"
    },
    {
      "name": "CVE-2010-2188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2188"
    },
    {
      "name": "CVE-2010-2185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2185"
    },
    {
      "name": "CVE-2010-1833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1833"
    },
    {
      "name": "CVE-2010-1811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1811"
    },
    {
      "name": "CVE-2010-2500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2500"
    },
    {
      "name": "CVE-2010-2213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2213"
    },
    {
      "name": "CVE-2009-0796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0796"
    },
    {
      "name": "CVE-2010-2186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2186"
    },
    {
      "name": "CVE-2010-1838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1838"
    },
    {
      "name": "CVE-2010-2807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2807"
    },
    {
      "name": "CVE-2010-3785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3785"
    },
    {
      "name": "CVE-2010-2183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2183"
    },
    {
      "name": "CVE-2010-0105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0105"
    },
    {
      "name": "CVE-2010-0001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0001"
    },
    {
      "name": "CVE-2010-3652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3652"
    }
  ],
  "initial_release_date": "2010-11-12T00:00:00",
  "last_revision_date": "2010-11-12T00:00:00",
  "links": [],
  "reference": "CERTA-2010-AVI-548",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-11-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le syst\u00e8me\nd\u0027exploitation \u003cspan class=\"textit\"\u003eMac OS X\u003c/span\u003e. Leur exploitation\npermet, entre autres, l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 2010-007 du 11 novembre 2010",
      "url": "http://support.apple.com/kb/HT4435"
    }
  ]
}

CERTA-2010-AVI-551

Vulnerability from certfr_avis - Published: 2010-11-17 - Updated: 2010-11-17

Deux vulnérabilités dans Adobe Reader et Acrobat permettent à un utilisateur malveillant d'exécuter du code arbitraire. Leur exploitation peut se faire à distance par l'intermédiaire des greffons dans les navigateurs.

Description

Deux vulnérabilités permettent à un utilisateur malveillant d'exécuter du code arbitraire :

une corruption de la mémoire affecte uniquement les versions 9.x d'Adobe Reader et d'Acrobat ;
une autre corruption de la mémoire n'affecte qu'Adobe Reader.

L'exploitation de ces vulnérabilités peut se faire à distance par l'intermédiaire des greffons dans les navigateurs.

Solution

La version 9.4.1 des deux logiciels remédie à ces problèmes.

Le correctif pour Acrobat sur Unix sera publié le 30 novembre 2010.

Le correctif pour la version 8 sera publié ultérieurement.

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Adobe	Acrobat	Adobe Reader et Acrobat 9.x à partir de la version 9.2 pour les systèmes UNIX.
	Adobe	Acrobat	Adobe Reader et Acrobat 9.x à partir de la version 9.2 et 8.x à partir de la version 8.1.7, pour les systèmes Windows et Macintosh ;

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe apsb10-28 du 16 novembre 2010	None	vendor-advisory
Document du CERTA CERTA-2010-ALE-020 du 17 novembre 2010 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Adobe Reader et Acrobat 9.x \u00e0 partir de la version 9.2 pour les syst\u00e8mes UNIX.",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Reader et Acrobat 9.x \u00e0 partir de la version 9.2 et 8.x \u00e0 partir de la version 8.1.7, pour les syst\u00e8mes Windows et Macintosh ;",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s permettent \u00e0 un utilisateur malveillant d\u0027ex\u00e9cuter\ndu code arbitraire\u00a0:\n\n-   une corruption de la m\u00e9moire affecte uniquement les versions 9.x\n    d\u0027Adobe Reader et d\u0027Acrobat\u00a0;\n-   une autre corruption de la m\u00e9moire n\u0027affecte qu\u0027Adobe Reader.\n\nL\u0027exploitation de ces vuln\u00e9rabilit\u00e9s peut se faire \u00e0 distance par\nl\u0027interm\u00e9diaire des greffons dans les navigateurs.\n\n## Solution\n\nLa version 9.4.1 des deux logiciels rem\u00e9die \u00e0 ces probl\u00e8mes.\n\nLe correctif pour Acrobat sur Unix sera publi\u00e9 le 30 novembre 2010.\n\nLe correctif pour la version 8 sera publi\u00e9 ult\u00e9rieurement.\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-3654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3654"
    },
    {
      "name": "CVE-2010-4091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4091"
    }
  ],
  "initial_release_date": "2010-11-17T00:00:00",
  "last_revision_date": "2010-11-17T00:00:00",
  "links": [
    {
      "title": "Document du CERTA CERTA-2010-ALE-020 du 17 novembre 2010 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2010-ALE-020/index.html"
    }
  ],
  "reference": "CERTA-2010-AVI-551",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-11-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s dans Adobe Reader et Acrobat permettent \u00e0 un\nutilisateur malveillant d\u0027ex\u00e9cuter du code arbitraire. Leur exploitation\npeut se faire \u00e0 distance par l\u0027interm\u00e9diaire des greffons dans les\nnavigateurs.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans Adobe Reader et Acrobat",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb10-28 du 16 novembre 2010",
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
    }
  ]
}

CERTA-2010-AVI-538

Vulnerability from certfr_avis - Published: 2010-11-05 - Updated: 2010-11-05

De multiples vulnérabilités dans Adobe Flash Player permettent, entre autre, à une personne distante malintentionnée d'exécuter du code arbitraire à distance.

Description

Plusieurs vulnérabilités dans Adobe Flash Player ont été découvertes :

Plusieurs corruptions de la mémoire permettent d'exécuter du code arbitraire à distance (CVE-2010-3654, CVE-2010-3637, CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, CVE-2010-3652) ;
une erreur de validation permet de contourner la politique de restriction d'accès à certains fichiers (CVE-2010-3636) ;
une vulnérabilité permettant de porter atteinte à la confidentialité des données existe dans la version Macintosh pour le navigateur Safari du lecteur (CVE-2010-3638) ;
une vulnérabilité peremet de provoquer à minima un déni de service (CVE-2010-3639).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Adobe	N/A	Adobe Flash Player 10.1.95.1 pour Android.
	Adobe	N/A	Adobe Flash Player 10.1.85.3 et versions antérieures pour Windows, Macintosh, Linux et Solaris ;

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe APSB10-26 du 04 novembre 2010

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Adobe Flash Player 10.1.95.1 pour Android.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player 10.1.85.3 et versions ant\u00e9rieures pour Windows, Macintosh, Linux et Solaris ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s dans Adobe Flash Player ont \u00e9t\u00e9 d\u00e9couvertes :\n\n-   Plusieurs corruptions de la m\u00e9moire permettent d\u0027ex\u00e9cuter du code\n    arbitraire \u00e0 distance (CVE-2010-3654, CVE-2010-3637, CVE-2010-3640,\n    CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644,\n    CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648,\n    CVE-2010-3649, CVE-2010-3650, CVE-2010-3652) ;\n-   une erreur de validation permet de contourner la politique de\n    restriction d\u0027acc\u00e8s \u00e0 certains fichiers (CVE-2010-3636) ;\n-   une vuln\u00e9rabilit\u00e9 permettant de porter atteinte \u00e0 la confidentialit\u00e9\n    des donn\u00e9es existe dans la version Macintosh pour le navigateur\n    Safari du lecteur (CVE-2010-3638) ;\n-   une vuln\u00e9rabilit\u00e9 peremet de provoquer \u00e0 minima un d\u00e9ni de service\n    (CVE-2010-3639).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-3642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3642"
    },
    {
      "name": "CVE-2010-3638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3638"
    },
    {
      "name": "CVE-2010-3640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3640"
    },
    {
      "name": "CVE-2010-3646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3646"
    },
    {
      "name": "CVE-2010-3639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3639"
    },
    {
      "name": "CVE-2010-3654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3654"
    },
    {
      "name": "CVE-2010-3643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3643"
    },
    {
      "name": "CVE-2010-3650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3650"
    },
    {
      "name": "CVE-2010-3644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3644"
    },
    {
      "name": "CVE-2010-3647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3647"
    },
    {
      "name": "CVE-2010-3637",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3637"
    },
    {
      "name": "CVE-2010-3649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3649"
    },
    {
      "name": "CVE-2010-3636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3636"
    },
    {
      "name": "CVE-2010-3645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3645"
    },
    {
      "name": "CVE-2010-3648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3648"
    },
    {
      "name": "CVE-2010-3976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3976"
    },
    {
      "name": "CVE-2010-3641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3641"
    },
    {
      "name": "CVE-2010-3652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3652"
    }
  ],
  "initial_release_date": "2010-11-05T00:00:00",
  "last_revision_date": "2010-11-05T00:00:00",
  "links": [],
  "reference": "CERTA-2010-AVI-538",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-11-05T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans Adobe Flash Player permettent, entre\nautre, \u00e0 une personne distante malintentionn\u00e9e d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Flash Player",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB10-26 du 04 novembre 2010",
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
    }
  ]
}

CERTA-2010-ALE-018

Vulnerability from certfr_alerte - Published: 2010-10-28 - Updated: 2010-11-18

Une vulnérabilité permettant l'exécution de code arbitraire à distance affecte des produits Adobe. L'éditeur a émis les correctifs pour les lecteurs PDF.

Description

Une vulnérabilité critique affecte des produits Adobe. Elle permet à une personne malintentionnée d'exécuter du code arbitraire à distance. Elle est actuellement exploitée sur l'Internet dans des attaques ciblant les logiciels Adobe Acrobat et au moyen de documents PDF ayant du contenu Flash.

Contournement provisoire

Il est possible de supprimer ou interdire l'accès au composant authplay.dll. Cela empêchera l'exécution du contenu Flash et provoquera une erreur lors de l'ouverture de documents PDF ayant un tel contenu.

Il est aussi possible d'utiliser un logiciel alternatif en attendant la publication d'un correctif.

Le 04 novembre 2010, Adobe a publié une mise à jour de son lecteur Adobe Flash Player corrigeant cette vulnérabilité. Les applications Adobe Reader et Adobe Acrobat restaient vulnérables.

Solution

Le 04 novembre 2010, Adobe a publié une mise à jour de son lecteur Adobe Flash Player corrigeant cette vulnérabilité.

Les versions 9.4.1 d'Adobe Reader et d'Acrobat, publiées le 16 novembre 2010, résolvent ce problème.

La publication du correctif d'Acrobat sur plateforme Unix est annoncée pour le 30 novembre 2010.

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Adobe	Acrobat	Adobe Flash Player 10.1.95.2 et les versions antérieures sur les systèmes Android ;
Adobe	Acrobat	le composant authplay.dll contenu dans les versions 9.4 et antérieures de Adobe Acrobat et Reader.
Adobe	Acrobat	Adobe Flash Player 10.1.85.3 et les versions antérieures sur les systèmes Windows, Macintosh, Linux et Solaris ;

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe APSA10-05 du 28 octobre 2010	None	vendor-advisory
Bulletin de sécurité Adobe APSB10-26 du 04 novembre 2010 :	-	other
Alerte de sécurité Adobe APSA10-05 du 28 octobre 2010 :	-	other
Bulletin de sécurité Adobe APSB10-28 du 16 novembre 2010 :	-	other
Document du CERTA CERTA-2010-AVI-551 du 17 novembre 2010 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Adobe Flash Player 10.1.95.2 et les versions ant\u00e9rieures sur les syst\u00e8mes Android ;",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "le composant authplay.dll contenu dans les versions 9.4 et ant\u00e9rieures de Adobe Acrobat et Reader.",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Flash Player 10.1.85.3 et les versions ant\u00e9rieures sur les syst\u00e8mes Windows, Macintosh, Linux et Solaris ;",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "closed_at": "2010-11-18",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 critique affecte des produits Adobe. Elle permet \u00e0 une\npersonne malintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance. Elle\nest actuellement exploit\u00e9e sur l\u0027Internet dans des attaques ciblant les\nlogiciels Adobe Acrobat et au moyen de documents PDF ayant du contenu\nFlash.\n\n## Contournement provisoire\n\nIl est possible de supprimer ou interdire l\u0027acc\u00e8s au composant\nauthplay.dll. Cela emp\u00eachera l\u0027ex\u00e9cution du contenu Flash et provoquera\nune erreur lors de l\u0027ouverture de documents PDF ayant un tel contenu.\n\nIl est aussi possible d\u0027utiliser un logiciel alternatif en attendant la\npublication d\u0027un correctif.\n\nLe 04 novembre 2010, Adobe a publi\u00e9 une mise \u00e0 jour de son lecteur Adobe\nFlash Player corrigeant cette vuln\u00e9rabilit\u00e9. Les applications Adobe\nReader et Adobe Acrobat restaient vuln\u00e9rables.\n\n## Solution\n\nLe 04 novembre 2010, Adobe a publi\u00e9 une mise \u00e0 jour de son lecteur Adobe\nFlash Player corrigeant cette vuln\u00e9rabilit\u00e9.\n\nLes versions 9.4.1 d\u0027Adobe Reader et d\u0027Acrobat, publi\u00e9es le 16 novembre\n2010, r\u00e9solvent ce probl\u00e8me.\n\nLa publication du correctif d\u0027Acrobat sur plateforme Unix est annonc\u00e9e\npour le 30 novembre 2010.\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-3654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3654"
    }
  ],
  "initial_release_date": "2010-10-28T00:00:00",
  "last_revision_date": "2010-11-18T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB10-26 du 04 novembre 2010 :",
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
    },
    {
      "title": "Alerte de s\u00e9curit\u00e9 Adobe APSA10-05 du 28 octobre 2010 :",
      "url": "http://www.adobe.com/support/security/advisories/apsa10-05.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB10-28 du 16 novembre 2010 :",
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
    },
    {
      "title": "Document du CERTA CERTA-2010-AVI-551 du 17 novembre 2010 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2010-AVI-551/index.html"
    }
  ],
  "reference": "CERTA-2010-ALE-018",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-10-28T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Adobe APSB10-26 et modification des contournements provisoires.",
      "revision_date": "2010-11-05T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Adobe APSB10-28.",
      "revision_date": "2010-11-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 permettant l\u0027ex\u00e9cution de code arbitraire \u00e0 distance\naffecte des produits Adobe. L\u0027\u00e9diteur a \u00e9mis les correctifs pour les\nlecteurs PDF.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Adobe Flash Player, Adobe Reader et Acrobat",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSA10-05 du 28 octobre 2010",
      "url": null
    }
  ]
}

CERTA-2010-ALE-020

Vulnerability from certfr_alerte - Published: 2010-11-05 - Updated: 2010-11-17

L'éditeur a publié, le 16 novembre 2010, un correctif pour Acrobat, sauf sur plateforme Unix, et pour Adobe Reader.

Une vulnérabilité non détaillée affecte le logiciel Adobe Reader. Elle permet le déni de service et l'exécution de code arbitraire.

Description

Une vulnérabilité non détaillée affecte les logiciels Adobe Reader et Acrobat. Une personne malintentionnée peut l'exploiter au moyen d'un document spécifiquement réalisé pour provoquer un déni de service ou exécuter du code arbitraire. Une preuve de faisabilité de déni de service est disponible sur l'Internet.

L'exploitation de cette vulnérabilité peut se faire à distance au moyen de greffons dans les navigateurs.

L'éditeur confirme que les versions 8.x d'Adobe Reader et d'Acrobat ne sont pas concernées.

Contournement provisoire

Adobe recommande l'utilisation du JavaScript Blacklist Framework pour empêcher l'exploitation de la vulnérabilité. Les détails de configuration, en fonction du système, sont disponibles dans la note de sécurité du PSIRT (cf. Documentation).

Pour mémoire, plusieurs bonnes pratiques peuvent aider à protéger les utilisateurs :

s'assurer que les greffons de navigateur permettant d'ouvrir les fichiers PDF n'utilisent pas les logiciels faisant l'objet de cette alerte ;
désactiver par défaut l'interprétation du JavaScript ;
utiliser un compte avec des droits limités ;
convertir les fichiers suspects au format Postscript puis de nouveau au format PDF sur une machine sas ;
n'ouvrir que des fichiers provenant de sources vérifiées et sûres ;
utiliser un lecteur alternatif.

Ces mesures ne sont pas des garanties de protection contre cette vulnérabilité mais peuvent en limiter les impacts.

Solution

Les versions 9.4.1 d'Adobe Reader et d'Acrobat résolvent ce problème.

La publication du correctif d'Acrobat sur plateforme Unix est annoncée pour le 30 novembre 2010.

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Adobe Reader et Acrobat 9.x sur toutes les plateformes.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Note de sécurité du Adobe PSIRT du 4 novembre 2010	None	vendor-advisory
Note de sécurité du Adobe PSIRT du 04 novembre 2010 :	-	other
Bulletin de sécurité Adobe apsb10-05 du 16 novembre 2010 :	-	other
Bulletin de sécurité Adobe apsb10-28 du 16 novembre 2010 :	-	other
Document du CERTA CERTA-2010-AVI-551 du 17 novembre 2010 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eAdobe Reader et Acrobat 9.x sur toutes les plateformes.\u003c/P\u003e",
  "closed_at": "2010-11-17",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 non d\u00e9taill\u00e9e affecte les logiciels Adobe Reader et\nAcrobat. Une personne malintentionn\u00e9e peut l\u0027exploiter au moyen d\u0027un\ndocument sp\u00e9cifiquement r\u00e9alis\u00e9 pour provoquer un d\u00e9ni de service ou\nex\u00e9cuter du code arbitraire. Une preuve de faisabilit\u00e9 de d\u00e9ni de\nservice est disponible sur l\u0027Internet.\n\nL\u0027exploitation de cette vuln\u00e9rabilit\u00e9 peut se faire \u00e0 distance au moyen\nde greffons dans les navigateurs.\n\nL\u0027\u00e9diteur confirme que les versions 8.x d\u0027Adobe Reader et d\u0027Acrobat ne\nsont pas concern\u00e9es.\n\n## Contournement provisoire\n\nAdobe recommande l\u0027utilisation du JavaScript Blacklist Framework pour\nemp\u00eacher l\u0027exploitation de la vuln\u00e9rabilit\u00e9. Les d\u00e9tails de\nconfiguration, en fonction du syst\u00e8me, sont disponibles dans la note de\ns\u00e9curit\u00e9 du PSIRT (cf. Documentation).\n\nPour m\u00e9moire, plusieurs bonnes pratiques peuvent aider \u00e0 prot\u00e9ger les\nutilisateurs :\n\n-   s\u0027assurer que les greffons de navigateur permettant d\u0027ouvrir les\n    fichiers PDF n\u0027utilisent pas les logiciels faisant l\u0027objet de cette\n    alerte ;\n-   d\u00e9sactiver par d\u00e9faut l\u0027interpr\u00e9tation du JavaScript ;\n-   utiliser un compte avec des droits limit\u00e9s ;\n-   convertir les fichiers suspects au format Postscript puis de nouveau\n    au format PDF sur une machine sas ;\n-   n\u0027ouvrir que des fichiers provenant de sources v\u00e9rifi\u00e9es et s\u00fbres ;\n-   utiliser un lecteur alternatif.\n\nCes mesures ne sont pas des garanties de protection contre cette\nvuln\u00e9rabilit\u00e9 mais peuvent en limiter les impacts.\n\n## Solution\n\nLes versions 9.4.1 d\u0027Adobe Reader et d\u0027Acrobat r\u00e9solvent ce probl\u00e8me.\n\nLa publication du correctif d\u0027Acrobat sur plateforme Unix est annonc\u00e9e\npour le 30 novembre 2010.\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-3654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3654"
    }
  ],
  "initial_release_date": "2010-11-05T00:00:00",
  "last_revision_date": "2010-11-17T00:00:00",
  "links": [
    {
      "title": "Note de s\u00e9curit\u00e9 du Adobe PSIRT du 04 novembre 2010 :",
      "url": "http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb10-05 du 16 novembre 2010 :",
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-05.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb10-28 du 16 novembre 2010 :",
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
    },
    {
      "title": "Document du CERTA CERTA-2010-AVI-551 du 17 novembre 2010 :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2010-AVI-551/index.html"
    }
  ],
  "reference": "CERTA-2010-ALE-020",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-11-05T00:00:00.000000"
    },
    {
      "description": "pr\u00e9cisions sur la port\u00e9e et publication de correctifs.",
      "revision_date": "2010-11-17T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    }
  ],
  "summary": "L\u0027\u00e9diteur a publi\u00e9, le 16 novembre 2010, un correctif pour Acrobat, sauf\nsur plateforme Unix, et pour Adobe Reader.\n\nUne vuln\u00e9rabilit\u00e9 non d\u00e9taill\u00e9e affecte le logiciel Adobe Reader. Elle\npermet le d\u00e9ni de service et l\u0027ex\u00e9cution de code arbitraire.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Adobe Reader et Acrobat",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Note de s\u00e9curit\u00e9 du Adobe PSIRT du 4 novembre 2010",
      "url": null
    }
  ]
}

GSD-2010-3654

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2010-3654

Aliases

CVE-2010-3654

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-3654",
    "description": "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.",
    "id": "GSD-2010-3654",
    "references": [
      "https://www.suse.com/security/cve/CVE-2010-3654.html",
      "https://access.redhat.com/errata/RHSA-2010:0934",
      "https://access.redhat.com/errata/RHSA-2010:0867",
      "https://access.redhat.com/errata/RHSA-2010:0834",
      "https://access.redhat.com/errata/RHSA-2010:0829",
      "https://packetstormsecurity.com/files/cve/CVE-2010-3654"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-3654"
      ],
      "details": "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.",
      "id": "GSD-2010-3654",
      "modified": "2023-12-13T01:21:34.695944Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@adobe.com",
        "ID": "CVE-2010-3654",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ADV-2011-0192",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0192"
          },
          {
            "name": "42183",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/42183"
          },
          {
            "name": "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html",
            "refsource": "MISC",
            "url": "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html"
          },
          {
            "name": "http://support.apple.com/kb/HT4435",
            "refsource": "CONFIRM",
            "url": "http://support.apple.com/kb/HT4435"
          },
          {
            "name": "42030",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/42030"
          },
          {
            "name": "ADV-2011-0191",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0191"
          },
          {
            "name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1",
            "refsource": "CONFIRM",
            "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
          },
          {
            "name": "43025",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/43025"
          },
          {
            "name": "ADV-2011-0344",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0344"
          },
          {
            "name": "43026",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/43026"
          },
          {
            "name": "GLSA-201101-09",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
          },
          {
            "name": "ADV-2010-2918",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2010/2918"
          },
          {
            "name": "ADV-2010-3111",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2010/3111"
          },
          {
            "name": "41917",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/41917"
          },
          {
            "name": "APPLE-SA-2010-11-10-1",
            "refsource": "APPLE",
            "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
          },
          {
            "name": "GLSA-201101-08",
            "refsource": "GENTOO",
            "url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
          },
          {
            "name": "RHSA-2010:0834",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html"
          },
          {
            "name": "SUSE-SA:2010:055",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
          },
          {
            "name": "1024660",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1024660"
          },
          {
            "name": "42926",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/42926"
          },
          {
            "name": "RHSA-2010:0934",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
          },
          {
            "name": "ADV-2010-2903",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2010/2903"
          },
          {
            "name": "ADV-2011-0173",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2011/0173"
          },
          {
            "name": "42401",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/42401"
          },
          {
            "name": "http://www.adobe.com/support/security/bulletins/apsb10-26.html",
            "refsource": "CONFIRM",
            "url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
          },
          {
            "name": "VU#298081",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/298081"
          },
          {
            "name": "1024659",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1024659"
          },
          {
            "name": "TLSA-2011-2",
            "refsource": "TURBO",
            "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt"
          },
          {
            "name": "44504",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/44504"
          },
          {
            "name": "http://www.adobe.com/support/security/advisories/apsa10-05.html",
            "refsource": "CONFIRM",
            "url": "http://www.adobe.com/support/security/advisories/apsa10-05.html"
          },
          {
            "name": "http://www.adobe.com/support/security/bulletins/apsb10-28.html",
            "refsource": "CONFIRM",
            "url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
          },
          {
            "name": "SUSE-SA:2010:058",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
          },
          {
            "name": "8210",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/8210"
          },
          {
            "name": "ADV-2010-2906",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2010/2906"
          },
          {
            "name": "RHSA-2010:0867",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html"
          },
          {
            "name": "RHSA-2010:0829",
            "refsource": "REDHAT",
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html"
          },
          {
            "name": "oval:org.mitre.oval:def:13294",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13294"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "10.1.85.3",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:6.0.40.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:6.0.29.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:5.0_r50:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:6.0.79.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:6.0.65.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:6.0.47.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:oracle:solaris:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:6.0.29.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:5.0_r50:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:6.0.47.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:6.0.40.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:6.0.79.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:macromedia:flash_player:6.0.65.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "10.1.95.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@adobe.com",
          "ID": "CVE-2010-3654"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html"
            },
            {
              "name": "41917",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/41917"
            },
            {
              "name": "44504",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/44504"
            },
            {
              "name": "http://www.adobe.com/support/security/advisories/apsa10-05.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.adobe.com/support/security/advisories/apsa10-05.html"
            },
            {
              "name": "VU#298081",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/298081"
            },
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb10-26.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4435",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT4435"
            },
            {
              "name": "APPLE-SA-2010-11-10-1",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
            },
            {
              "name": "ADV-2010-2906",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2010/2906"
            },
            {
              "name": "1024659",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1024659"
            },
            {
              "name": "RHSA-2010:0834",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html"
            },
            {
              "name": "42030",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/42030"
            },
            {
              "name": "ADV-2010-2903",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2010/2903"
            },
            {
              "name": "RHSA-2010:0829",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html"
            },
            {
              "name": "1024660",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1024660"
            },
            {
              "name": "42183",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/42183"
            },
            {
              "name": "ADV-2010-2918",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2010/2918"
            },
            {
              "name": "RHSA-2010:0867",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html"
            },
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb10-28.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
            },
            {
              "name": "RHSA-2010:0934",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
            },
            {
              "name": "ADV-2010-3111",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2010/3111"
            },
            {
              "name": "SUSE-SA:2010:058",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
            },
            {
              "name": "42401",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/42401"
            },
            {
              "name": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
            },
            {
              "name": "42926",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/42926"
            },
            {
              "name": "GLSA-201101-09",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
            },
            {
              "name": "GLSA-201101-08",
              "refsource": "GENTOO",
              "tags": [],
              "url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
            },
            {
              "name": "ADV-2011-0173",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0173"
            },
            {
              "name": "SUSE-SA:2010:055",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
            },
            {
              "name": "43026",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/43026"
            },
            {
              "name": "ADV-2011-0192",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0192"
            },
            {
              "name": "ADV-2011-0191",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0191"
            },
            {
              "name": "43025",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/43025"
            },
            {
              "name": "ADV-2011-0344",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2011/0344"
            },
            {
              "name": "TLSA-2011-2",
              "refsource": "TURBO",
              "tags": [],
              "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt"
            },
            {
              "name": "8210",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/8210"
            },
            {
              "name": "oval:org.mitre.oval:def:13294",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13294"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2017-09-19T01:31Z",
      "publishedDate": "2010-10-29T19:00Z"
    }
  }
}

FKIE_CVE-2010-3654

Vulnerability from fkie_nvd - Published: 2010-10-29 19:00 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
psirt@adobe.com	http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1
psirt@adobe.com	http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html	Exploit
psirt@adobe.com	http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
psirt@adobe.com	http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html
psirt@adobe.com	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html
psirt@adobe.com	http://secunia.com/advisories/41917	Vendor Advisory
psirt@adobe.com	http://secunia.com/advisories/42030
psirt@adobe.com	http://secunia.com/advisories/42183
psirt@adobe.com	http://secunia.com/advisories/42401
psirt@adobe.com	http://secunia.com/advisories/42926
psirt@adobe.com	http://secunia.com/advisories/43025
psirt@adobe.com	http://secunia.com/advisories/43026
psirt@adobe.com	http://security.gentoo.org/glsa/glsa-201101-08.xml
psirt@adobe.com	http://security.gentoo.org/glsa/glsa-201101-09.xml
psirt@adobe.com	http://securityreason.com/securityalert/8210
psirt@adobe.com	http://support.apple.com/kb/HT4435
psirt@adobe.com	http://www.adobe.com/support/security/advisories/apsa10-05.html	Vendor Advisory
psirt@adobe.com	http://www.adobe.com/support/security/bulletins/apsb10-26.html
psirt@adobe.com	http://www.adobe.com/support/security/bulletins/apsb10-28.html
psirt@adobe.com	http://www.kb.cert.org/vuls/id/298081	US Government Resource
psirt@adobe.com	http://www.redhat.com/support/errata/RHSA-2010-0829.html
psirt@adobe.com	http://www.redhat.com/support/errata/RHSA-2010-0834.html
psirt@adobe.com	http://www.redhat.com/support/errata/RHSA-2010-0867.html
psirt@adobe.com	http://www.redhat.com/support/errata/RHSA-2010-0934.html
psirt@adobe.com	http://www.securityfocus.com/bid/44504
psirt@adobe.com	http://www.securitytracker.com/id?1024659
psirt@adobe.com	http://www.securitytracker.com/id?1024660
psirt@adobe.com	http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt
psirt@adobe.com	http://www.vupen.com/english/advisories/2010/2903
psirt@adobe.com	http://www.vupen.com/english/advisories/2010/2906
psirt@adobe.com	http://www.vupen.com/english/advisories/2010/2918
psirt@adobe.com	http://www.vupen.com/english/advisories/2010/3111
psirt@adobe.com	http://www.vupen.com/english/advisories/2011/0173
psirt@adobe.com	http://www.vupen.com/english/advisories/2011/0191
psirt@adobe.com	http://www.vupen.com/english/advisories/2011/0192
psirt@adobe.com	http://www.vupen.com/english/advisories/2011/0344
psirt@adobe.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13294
af854a3a-2127-422b-91ae-364da2661108	http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1
af854a3a-2127-422b-91ae-364da2661108	http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/41917	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42030
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42183
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42401
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42926
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43025
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/43026
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-201101-08.xml
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-201101-09.xml
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/8210
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4435
af854a3a-2127-422b-91ae-364da2661108	http://www.adobe.com/support/security/advisories/apsa10-05.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.adobe.com/support/security/bulletins/apsb10-26.html
af854a3a-2127-422b-91ae-364da2661108	http://www.adobe.com/support/security/bulletins/apsb10-28.html
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/298081	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2010-0829.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2010-0834.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2010-0867.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2010-0934.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/44504
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1024659
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1024660
af854a3a-2127-422b-91ae-364da2661108	http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/2903
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/2906
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/2918
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/3111
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0173
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0191
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0192
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2011/0344
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13294

Impacted products

Vendor	Product	Version
adobe	flash_player	*
adobe	flash_player	6.0.21.0
adobe	flash_player	6.0.79
adobe	flash_player	7.0
adobe	flash_player	7.0.1
adobe	flash_player	7.0.25
adobe	flash_player	7.0.63
adobe	flash_player	7.0.69.0
adobe	flash_player	7.0.70.0
adobe	flash_player	7.1
adobe	flash_player	7.1.1
adobe	flash_player	7.2
adobe	flash_player	8.0
adobe	flash_player	8.0.22.0
adobe	flash_player	8.0.24.0
adobe	flash_player	8.0.33.0
adobe	flash_player	8.0.34.0
adobe	flash_player	8.0.35.0
adobe	flash_player	8.0.39.0
adobe	flash_player	8.0.42.0
adobe	flash_player	9.0.16
adobe	flash_player	9.0.18d60
adobe	flash_player	9.0.20
adobe	flash_player	9.0.20.0
adobe	flash_player	9.0.28
adobe	flash_player	9.0.28.0
adobe	flash_player	9.0.31
adobe	flash_player	9.0.31.0
adobe	flash_player	9.0.45.0
adobe	flash_player	9.0.47.0
adobe	flash_player	9.0.48.0
adobe	flash_player	9.0.112.0
adobe	flash_player	9.0.114.0
adobe	flash_player	9.0.115.0
adobe	flash_player	9.0.124.0
adobe	flash_player	9.0.125.0
adobe	flash_player	9.0.151.0
adobe	flash_player	9.0.152.0
adobe	flash_player	9.0.159.0
adobe	flash_player	9.0.246.0
adobe	flash_player	9.0.260.0
adobe	flash_player	9.125.0
adobe	flash_player	10.0.0.584
adobe	flash_player	10.0.12.10
adobe	flash_player	10.0.12.36
adobe	flash_player	10.0.15.3
adobe	flash_player	10.0.22.87
adobe	flash_player	10.0.32.18
adobe	flash_player	10.0.42.34
adobe	flash_player	10.0.45.2
adobe	flash_player	10.1.52.14.1
adobe	flash_player	10.1.52.15
adobe	flash_player	10.1.53.64
adobe	flash_player	10.1.82.76
macromedia	flash_player	5.0
macromedia	flash_player	5.0_r50
macromedia	flash_player	6.0
macromedia	flash_player	6.0.29.0
macromedia	flash_player	6.0.40.0
macromedia	flash_player	6.0.47.0
macromedia	flash_player	6.0.65.0
macromedia	flash_player	6.0.79.0
apple	mac_os_x	*
linux	linux_kernel	*
microsoft	windows	*
oracle	solaris	*
adobe	flash_player	*
adobe	flash_player	6.0.21.0
adobe	flash_player	6.0.79
adobe	flash_player	7.0
adobe	flash_player	7.0.1
adobe	flash_player	7.0.25
adobe	flash_player	7.0.63
adobe	flash_player	7.0.69.0
adobe	flash_player	7.0.70.0
adobe	flash_player	7.1
adobe	flash_player	7.1.1
adobe	flash_player	7.2
adobe	flash_player	8.0
adobe	flash_player	8.0.22.0
adobe	flash_player	8.0.24.0
adobe	flash_player	8.0.33.0
adobe	flash_player	8.0.34.0
adobe	flash_player	8.0.35.0
adobe	flash_player	8.0.39.0
adobe	flash_player	8.0.42.0
adobe	flash_player	9.0.16
adobe	flash_player	9.0.18d60
adobe	flash_player	9.0.20
adobe	flash_player	9.0.20.0
adobe	flash_player	9.0.28
adobe	flash_player	9.0.28.0
adobe	flash_player	9.0.31
adobe	flash_player	9.0.31.0
adobe	flash_player	9.0.45.0
adobe	flash_player	9.0.47.0
adobe	flash_player	9.0.48.0
adobe	flash_player	9.0.112.0
adobe	flash_player	9.0.114.0
adobe	flash_player	9.0.115.0
adobe	flash_player	9.0.124.0
adobe	flash_player	9.0.125.0
adobe	flash_player	9.0.151.0
adobe	flash_player	9.0.152.0
adobe	flash_player	9.0.159.0
adobe	flash_player	9.0.246.0
adobe	flash_player	9.0.260.0
adobe	flash_player	9.125.0
adobe	flash_player	10.0.0.584
adobe	flash_player	10.0.12.10
adobe	flash_player	10.0.12.36
adobe	flash_player	10.0.15.3
adobe	flash_player	10.0.22.87
adobe	flash_player	10.0.32.18
adobe	flash_player	10.0.42.34
adobe	flash_player	10.0.45.2
adobe	flash_player	10.1.52.14.1
adobe	flash_player	10.1.52.15
adobe	flash_player	10.1.53.64
adobe	flash_player	10.1.82.76
adobe	flash_player	10.1.85.3
adobe	flash_player	10.1.92.8
adobe	flash_player	10.1.92.10
macromedia	flash_player	5.0
macromedia	flash_player	5.0_r50
macromedia	flash_player	6.0
macromedia	flash_player	6.0.29.0
macromedia	flash_player	6.0.40.0
macromedia	flash_player	6.0.47.0
macromedia	flash_player	6.0.65.0
macromedia	flash_player	6.0.79.0
google	android	*
adobe	acrobat	9.0
adobe	acrobat	9.1
adobe	acrobat	9.1.1
adobe	acrobat	9.1.2
adobe	acrobat	9.1.3
adobe	acrobat	9.2
adobe	acrobat	9.3
adobe	acrobat	9.3.1
adobe	acrobat	9.3.2
adobe	acrobat	9.3.3
adobe	acrobat	9.3.4
adobe	acrobat	9.4
adobe	acrobat_reader	9.0
adobe	acrobat_reader	9.1
adobe	acrobat_reader	9.1.1
adobe	acrobat_reader	9.1.2
adobe	acrobat_reader	9.1.3
adobe	acrobat_reader	9.2
adobe	acrobat_reader	9.3
adobe	acrobat_reader	9.3.1
adobe	acrobat_reader	9.3.2
adobe	acrobat_reader	9.3.3
adobe	acrobat_reader	9.3.4
adobe	acrobat_reader	9.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC8AFF98-B20C-49E0-9B01-1B51EE272DA4",
              "versionEndIncluding": "10.1.85.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7143E94B-F3CD-4E32-A7BB-C72C816EEACA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*",
              "matchCriteriaId": "4654752C-F677-4066-8C48-BAD09392A594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFF4A51-C936-4C5B-8276-FD454C9E4F40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5ECC9D7-3386-4FEA-9218-91E31FF90F3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0E93289-6EE0-401A-958D-F59D2CDAE2F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FA3E556-BF8F-4D30-8DE5-09DA3FD8D5C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82D5B56-44E0-4120-B73E-0A1155AF4B05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E895107-ED8A-4F88-87C3-935EAE299C01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4007D621-A0BC-4927-82A7-10D73802BCF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "641776AE-5408-439E-8290-DD9324771874",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "138A932A-D775-46A2-86EC-3C03C96884C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D12E3957-D7B2-4F3B-BB64-8B50B8958DEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0C5537E-3153-400D-9F9B-91E7F1218C8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "32912721-F750-4C20-B999-E728F7D3A85D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6693B1C4-B2A9-4725-AD0E-A266B9DF55AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A95FA639-346C-491C-81A8-6C2A7B01AA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F1E5AB-DEFA-42FC-A299-C8EEB778F9C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC7DD938-F963-4E03-B66B-F00436E4EA9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "351825F4-227D-4743-A74B-EAFC1034500B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "F35F86B6-D49A-40F4-BFFA-5D6BBA2F7D8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*",
              "matchCriteriaId": "600DDA9D-6440-48D1-8539-7127398A8678",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4D5E27C-F6BF-4F84-9B83-6AEC98B4AA14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "934A869D-D58D-4C36-B86E-013F62790585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACFA6611-99DA-48B0-89F7-DD99B8E30334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "59AF804B-BD7A-4AD7-AD44-B5D980443B8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5D52F86-2E38-4C66-9939-7603367B8D0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0557AA2A-FA3A-460A-8F03-DC74B149CA3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FC04ABF-6191-4AA5-90B2-E7A97E6C6005",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F22F1B02-CCF5-4770-A79B-1F58CA4321CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "93957171-F1F4-43ED-A8B9-2D36C81EB1F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AE89894-E492-4380-8A2B-4CDD3A15667A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C6ED706-BAF2-4795-B597-6F7EE8CA8911",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "260E2CF6-4D15-4168-A933-3EC52D8F93FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D50BF190-2629-49A8-A377-4723C93FFB3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E59E2AD-38BB-46DF-AC0D-D36F1F259AD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD04F04C-30CE-4A8D-B254-B10DEF62CEEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96DC7742-499D-4BF5-9C5B-FCFF912A9892",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33AC4365-576C-487A-89C5-197A26D416C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "84B367AC-E1E1-4BC5-8BF4-D5B517C0CA7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0A9C054-1F82-41DD-BE13-2B71B6F87F22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE848097-01E6-4C9B-9593-282D55CC77D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*",
              "matchCriteriaId": "08E4028B-72E7-4E4A-AD0F-645F5AACAA29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "63313ADA-3C52-47C8-9745-6BF6AEF0F6AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA646396-7C10-45A0-89A9-C75C5D8AFB3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "476BB487-150A-4482-8C84-E6A2995A97E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*",
              "matchCriteriaId": "3555324F-40F8-4BF4-BE5F-52A1E22B3AFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "60540FDE-8C31-4679-A85E-614B1EFE1FF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE652520-B693-47F1-A342-621C149A7430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EC3272-8E1E-4415-A254-BB6C7FB49BEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CF5AF16-A4F2-4E65-ADA8-DE11BE1F198D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7DF88E7-1A67-447C-BCF8-5C5564002207",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:*",
              "matchCriteriaId": "460A0D6C-3A06-4910-B1E5-375E12F64F6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:*",
              "matchCriteriaId": "950D8316-8117-4C09-A2A9-B34191957D32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF005FC1-50A0-4233-A500-1E677EACDBE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:5.0_r50:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BB0BE19-EB29-4DEB-883C-89CB2023E54B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F8A8FD0-F9C9-4125-B682-A7F2B73D9BA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:6.0.29.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B2A9976-1883-4D49-A512-C66FF12FDDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:6.0.40.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C20DFF23-6215-4860-B091-ECC1C1C08DA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:6.0.47.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1B943A-38AD-4472-B143-B66567EBC9E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:6.0.65.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "141B7F64-5EDD-450D-A244-124366AD5800",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:6.0.79.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F44A2955-F536-4EA5-8D1E-94D35EE10B88",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:oracle:solaris:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05924C67-F9A0-450E-A5B8-059651DD32E3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E727D4AE-923F-4828-A6DA-2413A9FA2AC6",
              "versionEndIncluding": "10.1.95.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7143E94B-F3CD-4E32-A7BB-C72C816EEACA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*",
              "matchCriteriaId": "4654752C-F677-4066-8C48-BAD09392A594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDFF4A51-C936-4C5B-8276-FD454C9E4F40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5ECC9D7-3386-4FEA-9218-91E31FF90F3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0E93289-6EE0-401A-958D-F59D2CDAE2F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FA3E556-BF8F-4D30-8DE5-09DA3FD8D5C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82D5B56-44E0-4120-B73E-0A1155AF4B05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E895107-ED8A-4F88-87C3-935EAE299C01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4007D621-A0BC-4927-82A7-10D73802BCF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "641776AE-5408-439E-8290-DD9324771874",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "138A932A-D775-46A2-86EC-3C03C96884C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D12E3957-D7B2-4F3B-BB64-8B50B8958DEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0C5537E-3153-400D-9F9B-91E7F1218C8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "32912721-F750-4C20-B999-E728F7D3A85D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6693B1C4-B2A9-4725-AD0E-A266B9DF55AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A95FA639-346C-491C-81A8-6C2A7B01AA19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9F1E5AB-DEFA-42FC-A299-C8EEB778F9C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC7DD938-F963-4E03-B66B-F00436E4EA9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "351825F4-227D-4743-A74B-EAFC1034500B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "F35F86B6-D49A-40F4-BFFA-5D6BBA2F7D8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*",
              "matchCriteriaId": "600DDA9D-6440-48D1-8539-7127398A8678",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4D5E27C-F6BF-4F84-9B83-6AEC98B4AA14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "934A869D-D58D-4C36-B86E-013F62790585",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACFA6611-99DA-48B0-89F7-DD99B8E30334",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "59AF804B-BD7A-4AD7-AD44-B5D980443B8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5D52F86-2E38-4C66-9939-7603367B8D0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0557AA2A-FA3A-460A-8F03-DC74B149CA3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FC04ABF-6191-4AA5-90B2-E7A97E6C6005",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F22F1B02-CCF5-4770-A79B-1F58CA4321CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "93957171-F1F4-43ED-A8B9-2D36C81EB1F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AE89894-E492-4380-8A2B-4CDD3A15667A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C6ED706-BAF2-4795-B597-6F7EE8CA8911",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "260E2CF6-4D15-4168-A933-3EC52D8F93FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D50BF190-2629-49A8-A377-4723C93FFB3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E59E2AD-38BB-46DF-AC0D-D36F1F259AD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD04F04C-30CE-4A8D-B254-B10DEF62CEEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96DC7742-499D-4BF5-9C5B-FCFF912A9892",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33AC4365-576C-487A-89C5-197A26D416C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "84B367AC-E1E1-4BC5-8BF4-D5B517C0CA7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0A9C054-1F82-41DD-BE13-2B71B6F87F22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE848097-01E6-4C9B-9593-282D55CC77D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*",
              "matchCriteriaId": "08E4028B-72E7-4E4A-AD0F-645F5AACAA29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "63313ADA-3C52-47C8-9745-6BF6AEF0F6AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA646396-7C10-45A0-89A9-C75C5D8AFB3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "476BB487-150A-4482-8C84-E6A2995A97E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*",
              "matchCriteriaId": "3555324F-40F8-4BF4-BE5F-52A1E22B3AFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "60540FDE-8C31-4679-A85E-614B1EFE1FF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE652520-B693-47F1-A342-621C149A7430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0EC3272-8E1E-4415-A254-BB6C7FB49BEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CF5AF16-A4F2-4E65-ADA8-DE11BE1F198D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7DF88E7-1A67-447C-BCF8-5C5564002207",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:*",
              "matchCriteriaId": "460A0D6C-3A06-4910-B1E5-375E12F64F6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:*",
              "matchCriteriaId": "950D8316-8117-4C09-A2A9-B34191957D32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5484DE8-3CB1-4591-BF30-0D5E255034E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "02EBACEB-1266-4A2C-A47E-066D12EE5B96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA86C5B3-1FC9-4585-9566-862A0318AF2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF005FC1-50A0-4233-A500-1E677EACDBE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:5.0_r50:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BB0BE19-EB29-4DEB-883C-89CB2023E54B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F8A8FD0-F9C9-4125-B682-A7F2B73D9BA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:6.0.29.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B2A9976-1883-4D49-A512-C66FF12FDDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:6.0.40.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C20DFF23-6215-4860-B091-ECC1C1C08DA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:6.0.47.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E1B943A-38AD-4472-B143-B66567EBC9E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:6.0.65.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "141B7F64-5EDD-450D-A244-124366AD5800",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:macromedia:flash_player:6.0.79.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F44A2955-F536-4EA5-8D1E-94D35EE10B88",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8255F035-04C8-4158-B301-82101711939C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AA53564-9ACD-4CFB-9AAC-A77440026A57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F475858-DCE2-4C93-A51A-04718DF17593",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "88687272-4CD0-42A2-B727-C322ABDE3549",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B35CC915-EEE3-4E86-9E09-1893C725E07B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "76201694-E5C5-4CA3-8919-46937AFDAAE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "397AB988-1C2C-4247-9B34-806094197CB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8FA0B8C3-8060-4685-A241-9852BD63B7A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AB9BBDE-634A-47CF-BA49-67382B547900",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F56B1726-4F05-4732-9D8B-077EF593EAEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A258374F-55CB-48D2-9094-CD70E1288F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "562772F1-1627-438E-A6B8-7D1AA5536086",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F25C9167-C6D4-4264-9197-50878EDA2D96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD1D7308-09E9-42B2-8836-DC2326C62A9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5C251D2-4C9B-4029-8BED-0FCAED3B8E89",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2432AC17-5378-4C61-A775-5172FD44EC03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "39EDED39-664F-4B68-B422-2CCCA3B83550",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B508C5CE-1386-47B3-B301-B78DBB3A75D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDC2EEB6-D5EC-430F-962A-1279C9970441",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DC590C7-5BDE-4E46-9605-01E95B17F01F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCFE67F4-6907-4967-96A3-1757EADA72BB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010."
    },
    {
      "lang": "es",
      "value": "Flash Player de Adobe anterior a versi\u00f3n 9.0.289.0 y versiones 10.x anteriores a 10.1.102.64 en Windows, Mac OS X, Linux y Solaris y versi\u00f3n 10.1.95.1 en Android, y authplay.dll (tambi\u00e9n se conoce como AuthPlayLib.bundle o libauthplay.so.0.0.0) en Reader y Acrobat de Adobe versiones 9.x hasta 9.4, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y bloqueo de aplicaci\u00f3n) por medio de contenido SWF dise\u00f1ado, como se explot\u00f3 \u201cin the wild\u201d en octubre de 2010."
    }
  ],
  "id": "CVE-2010-3654",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2010-10-29T19:00:02.060",
  "references": [
    {
      "source": "psirt@adobe.com",
      "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/41917"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://secunia.com/advisories/42030"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://secunia.com/advisories/42183"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://secunia.com/advisories/42401"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://secunia.com/advisories/42926"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://secunia.com/advisories/43025"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://secunia.com/advisories/43026"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://securityreason.com/securityalert/8210"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://support.apple.com/kb/HT4435"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.adobe.com/support/security/advisories/apsa10-05.html"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/298081"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.securityfocus.com/bid/44504"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.securitytracker.com/id?1024659"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.securitytracker.com/id?1024660"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.vupen.com/english/advisories/2010/2903"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.vupen.com/english/advisories/2010/2906"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.vupen.com/english/advisories/2010/2918"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.vupen.com/english/advisories/2010/3111"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.vupen.com/english/advisories/2011/0173"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.vupen.com/english/advisories/2011/0191"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.vupen.com/english/advisories/2011/0192"
    },
    {
      "source": "psirt@adobe.com",
      "url": "http://www.vupen.com/english/advisories/2011/0344"
    },
    {
      "source": "psirt@adobe.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13294"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/41917"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42030"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42183"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42401"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42926"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43025"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/8210"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT4435"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.adobe.com/support/security/advisories/apsa10-05.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/298081"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/44504"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1024659"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1024660"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/2903"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/2906"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/2918"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/3111"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0173"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0191"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0192"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2011/0344"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13294"
    }
  ],
  "sourceIdentifier": "psirt@adobe.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-C6X8-9R8H-9JRR

Vulnerability from github – Published: 2022-05-17 01:03 – Updated: 2022-05-17 01:03

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-3654"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-10-29T19:00:00Z",
    "severity": "HIGH"
  },
  "details": "Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.",
  "id": "GHSA-c6x8-9r8h-9jrr",
  "modified": "2022-05-17T01:03:59Z",
  "published": "2022-05-17T01:03:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3654"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13294"
    },
    {
      "type": "WEB",
      "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1"
    },
    {
      "type": "WEB",
      "url": "http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/41917"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/42030"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/42183"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/42401"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/42926"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43025"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/43026"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-201101-08.xml"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/8210"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4435"
    },
    {
      "type": "WEB",
      "url": "http://www.adobe.com/support/security/advisories/apsa10-05.html"
    },
    {
      "type": "WEB",
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-26.html"
    },
    {
      "type": "WEB",
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-28.html"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/298081"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0829.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0834.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0867.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2010-0934.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/44504"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1024659"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1024660"
    },
    {
      "type": "WEB",
      "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txt"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/2903"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/2906"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/2918"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/3111"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0173"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0191"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0192"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2011/0344"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-3654 (GCVE-0-2010-3654)

Description

Solution

Description

Solution

Description

Solution

Description

Contournement provisoire

Solution

Description

Contournement provisoire

Solution

Tags

Sightings

Nomenclature