Vulnerability Details : CVE-2010-2161
Array index error in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified "types of Adobe Flash code."
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2010-2161
Probability of exploitation activity in the next 30 days: 1.37%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 84 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-2161
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2010-2161
-
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-2161
-
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
[security-announce] SUSE Security Summary Report: SUSE-SR:2010:013
-
http://www.vupen.com/english/advisories/2010/1453
Webmail | OVH- OVH
-
http://www.vupen.com/english/advisories/2010/1793
Webmail | OVH- OVH
- http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
-
http://www.vupen.com/english/advisories/2010/1432
Webmail | OVH- OVH
-
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
Apple - Lists.apple.com
-
http://www.redhat.com/support/errata/RHSA-2010-0470.html
Support
-
http://www.securityfocus.com/bid/40781
Adobe Flash Player (CVE-2010-2161) Memory Index Remote Code Execution Vulnerability
-
http://securitytracker.com/id?1024085
Adobe Flash Player Multiple Flaws Let Remote Users Execute Arbitary Code, Conduct Cross-Site Scripting Attacks, and Deny Service - SecurityTracker
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15576
Repository / Oval Repository
-
http://security.gentoo.org/glsa/glsa-201101-09.xml
Adobe Flash Player: Multiple vulnerabilities (GLSA 201101-09) — Gentoo security
-
http://www.vupen.com/english/advisories/2010/1482
Webmail | OVH- OVH
-
http://www.us-cert.gov/cas/techalerts/TA10-162A.html
Adobe Flash and AIR Vulnerabilities | CISAUS Government Resource
-
http://support.apple.com/kb/HT4435
We're sorry.
-
http://www.vupen.com/english/advisories/2010/1522
Webmail | OVH- OVH
-
http://www.vupen.com/english/advisories/2010/1434
Webmail | OVH- OVH
-
http://securitytracker.com/id?1024086
Adobe AIR Multiple Flaws Let Remote Users Execute Arbitary Code, Conduct Cross-Site Scripting Attacks, and Deny Service - SecurityTracker
-
http://www.redhat.com/support/errata/RHSA-2010-0464.html
Support
- http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt
-
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html
[security-announce] SUSE Security Announcement: flash player (SUSE-SA:20
-
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=871
-
http://www.securityfocus.com/bid/40759
RETIRED: Adobe Flash Player 10.0.45.2 and AIR 1.5.3.9130 Multiple Remote Vulnerabilities
-
http://www.vupen.com/english/advisories/2011/0192
Webmail | OVH- OVH
-
http://www.vupen.com/english/advisories/2010/1421
Webmail | OVH- OVH
-
http://www.adobe.com/support/security/bulletins/apsb10-14.html
Adobe - Security Bulletins: APSB10-14 Security update available for Adobe Flash PlayerPatch;Vendor Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7303
Repository / Oval Repository
Products affected by CVE-2010-2161
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.262.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.14.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.68.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.67.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.73.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.53.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.60.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.61.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.66.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.19.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.24.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:air:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:air:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:air:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:air:1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:air:1.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:air:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:macromedia:flash_player:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:macromedia:flash_player:5.0.58.0:*:*:*:*:*:*:*
- cpe:2.3:a:macromedia:flash_player:5.0.41.0:*:*:*:*:*:*:*
- cpe:2.3:a:macromedia:flash_player:5.0.42.0:*:*:*:*:*:*:*
- cpe:2.3:a:macromedia:flash_player:5.0.30.0:*:*:*:*:*:*:*