CVE-2010-2162
Adobe Flash Player < 10.1.53.64 - Heap Memory Corruption via STSC STSZ STCO Atoms
Title source: llmDescription
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors related to improper length calculation and the (1) STSC, (2) STSZ, and (3) STCO atoms.
References (30)
Core 30
Core References
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT4435
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16345
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7166
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0192
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1421
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/40545
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0464.html
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1793
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/43026
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1432
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201101-09.xml
US Government Resource third-party-advisory
x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA10-162A.html
Mailing List vendor-advisory
x_refsource_apple
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/40759
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1024085
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1024086
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1434
Various Sources vendor-advisory
x_refsource_turbo
http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt
Various Sources vendor-advisory
x_refsource_hp
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/40801
Patch, Vendor Advisory x_refsource_confirm
http://www.adobe.com/support/security/bulletins/apsb10-14.html
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-10-109
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/40144
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0470.html
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1482
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/511862/100/0/threaded
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1522
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1453
Scores
EPSS
0.0675
EPSS Percentile
93.2%
Details
CWE
CWE-119
Status
published
Products (50)
adobe/air
1.0
adobe/air
1.1
adobe/air
1.5
adobe/air
1.5.1
adobe/air
1.5.2
adobe/air
1.5.3
adobe/air
< 1.5.3.9130
adobe/flash_player
9.0.16
adobe/flash_player
9.0.20
adobe/flash_player
9.0.20.0
... and 40 more
Published
Jun 15, 2010
Tracked Since
Feb 18, 2026