Vulnerability Details : CVE-2010-3644
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
Vulnerability category: Memory CorruptionExecute codeDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2010-3644
Probability of exploitation activity in the next 30 days: 0.84%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 80 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-3644
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2010-3644
-
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
Apple - Lists.apple.comMailing List;Third Party Advisory
-
http://www.adobe.com/support/security/bulletins/apsb10-26.html
Adobe - Security Bulletins: APSB10-26 - Security update available for Adobe Flash PlayerPatch;Vendor Advisory
-
http://www.vupen.com/english/advisories/2010/2918
Webmail | OVH- OVHThird Party Advisory
-
http://security.gentoo.org/glsa/glsa-201101-09.xml
Adobe Flash Player: Multiple vulnerabilities (GLSA 201101-09) — Gentoo securityThird Party Advisory
-
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1
Broken Link
-
http://www.securityfocus.com/bid/44680
Adobe Flash Player CVE-2010-3644 Remote Memory Corruption VulnerabilityThird Party Advisory;VDB Entry
-
http://www.vupen.com/english/advisories/2010/2906
Webmail | OVH- OVHThird Party Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11660
Repository / Oval RepositoryThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html
[security-announce] SUSE Security Announcement: flash-player (SUSE-SA:20Third Party Advisory
-
http://www.vupen.com/english/advisories/2010/2903
Webmail | OVH- OVHThird Party Advisory
-
http://support.apple.com/kb/HT4435
We're sorry.Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2010-0867.html
SupportThird Party Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16220
Repository / Oval RepositoryThird Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2010-0829.html
SupportThird Party Advisory
-
http://marc.info/?l=bugtraq&m=130331642631603&w=2
'[security bulletin] HPSBMA02663 SSRT100428 rev.1 - HP Systems Insight Manager (SIM) for HP-UX, Linux' - MARCMailing List;Third Party Advisory
-
http://www.vupen.com/english/advisories/2011/0192
Webmail | OVH- OVHThird Party Advisory
-
http://www.vupen.com/english/advisories/2011/0173
Webmail | OVH- OVHThird Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2010-0834.html
SupportThird Party Advisory
Products affected by CVE-2010-3644
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*