CVE-2010-2167

Adobe Flash Player < 10.1.53.64 - Remote Code Execution via Malformed GIF or JPEG Data

Title source: llm
STIX 2.1

Description

Multiple heap-based buffer overflows in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to malformed (1) GIF or (2) JPEG data.

References (29)

Core 29
Core References
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT4435
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7491
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0464.html
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA10-162A.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1024085
Various Sources vendor-advisory x_refsource_turbo
http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt
Patch, Vendor Advisory x_refsource_confirm
http://www.adobe.com/support/security/bulletins/apsb10-14.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15437
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0470.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0192
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1421
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40545
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/511847/100/0/threaded
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1793
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/43026
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1432
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201101-09.xml
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/40759
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1024086
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1434
Various Sources vendor-advisory x_refsource_hp
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40144
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1482
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1522
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/40802
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1453

Scores

EPSS 0.0900
EPSS Percentile 94.7%

Details

CWE
CWE-119
Status published
Products (50)
adobe/air 1.0
adobe/air 1.1
adobe/air 1.5
adobe/air 1.5.1
adobe/air 1.5.2
adobe/air 1.5.3
adobe/air < 1.5.3.9130
adobe/flash_player 9.0.16
adobe/flash_player 9.0.20
adobe/flash_player 9.0.20.0
... and 40 more
Published Jun 15, 2010
Tracked Since Feb 18, 2026