Home

CVE-2010-2162

Description

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors related to improper length calculation and the (1) STSC, (2) STSZ, and (3) STCO atoms.

Risk Information

Base Score
9.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.663

Associated Vulnerability

VulnerabilityOS Platform
Upgrade Adobe flash player 10.0.0.584 to latest versionWindows
Upgrade air 1.5.3.9130 to latest versionWindows
Multiple vulnerabilities affected in Adobe Flash Player Plugin 10.0.45.2Windows
Multiple vulnerabilities affected in Adobe Flash Player PPAPI 10.0.45.2Windows
Multiple Vulnerabilities are affected in Adobe AIR For Mac 1.0Mac
Multiple Vulnerabilities are affected in Adobe AIR For Mac 1.5Mac
Multiple Vulnerabilities are affected in Adobe AIR For Mac 1.1Mac
Multiple Vulnerabilities are affected in Adobe AIR For Mac 1.5.1Mac
Multiple Vulnerabilities are affected in Adobe AIR For Mac 1.5.2Mac
Multiple Vulnerabilities are affected in Adobe AIR For Mac 1.5.3Mac
Multiple Vulnerabilities are affected in Adobe AIR For Mac 1.5.3.9130Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)
PATCH-601945Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234