Main Vulnerability Database Vulnerabilities #VU3100

#VU3100 Memory corruption in Adobe Flash Player - CVE-2010-2172

Published: January 3, 2017

Vulnerability identifier: #VU3100

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2010-2172

CWE-ID: CWE-119

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Adobe Flash Player

Software vendor:
Adobe

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing .swf files. A remote attacker can create a specially crafted .swf file, trick the victim into opening it and cause denial of service

Successful exploitation of the vulnerability results in application to stop responding.

Remediation

Install the latest version from vendor's website. The vulnerability is fixed in the following versions:

Flash Player 9.0.277.0

External links

http://www.adobe.com/support/security/bulletins/apsb10-14.html

#VU3100 Memory corruption in Adobe Flash Player - CVE-2010-2172

Description

Remediation

External links

Please verify you're human