CVE-2010-2179
Description
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing.
Risk Information
Base Score
6.1
MODERATE
Vector
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
22.192
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Upgrade Adobe flash player 10.0.0.584 to latest version | Windows |
| Upgrade air 1.5.3.9130 to latest version | Windows |
| Multiple vulnerabilities affected in Adobe Flash Player Plugin 10.0.45.2 | Windows |
| Multiple vulnerabilities affected in Adobe Flash Player PPAPI 10.0.45.2 | Windows |
| Vulnerabilities CVE-2010-1297,CVE-2010-2179 are affected in Adobe AIR For Mac 2.0.2.12609 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-601945 | Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234