What is the severity of CVE-2010-1286?

CVE-2010-1286 has a critical severity rating due to its potential for exploitation leading to denial of service or arbitrary code execution.

How do I fix CVE-2010-1286?

The recommended fix for CVE-2010-1286 is to update to Adobe Shockwave Player version 11.5.7.609 or later.

What types of attacks can exploit CVE-2010-1286?

CVE-2010-1286 can be exploited to perform denial of service attacks or execute arbitrary code on the affected systems.

Which versions of Adobe Shockwave Player are affected by CVE-2010-1286?

CVE-2010-1286 affects all versions of Adobe Shockwave Player prior to 11.5.7.609.

Is there a workaround for CVE-2010-1286 if I cannot update?

Currently, the best mitigation for CVE-2010-1286 is to discontinue use of the vulnerable versions until updates can be applied.

Vulnerability/
CVE-2010-1286

critical

9.3

CWE

119

13/5/2010

7/8/2024

CVE-2010-1286: Buffer Overflow

First published: Thu May 13 2010(Updated: )

Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe Shockwave Player	<=11.5.6.606
Adobe Shockwave Player	=1.0
Adobe Shockwave Player	=2.0
Adobe Shockwave Player	=3.0
Adobe Shockwave Player	=4.0
Adobe Shockwave Player	=5.0
Adobe Shockwave Player	=6.0
Adobe Shockwave Player	=8.0
Adobe Shockwave Player	=8.5.1
Adobe Shockwave Player	=9
Adobe Shockwave Player	=10.1.0.11
Adobe Shockwave Player	=11.0.0.456
Adobe Shockwave Player	=11.5.0.595
Adobe Shockwave Player	=11.5.0.596
Adobe Shockwave Player	=11.5.1.601
Adobe Shockwave Player	=11.5.2.602
Apple macOS
Microsoft Windows
Adobe Shockwave Player
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008 Itanium
Microsoft Windows Vista

Remedy

http://www.adobe.com/support/security/bulletins/apsb10-12.html

Remedy

http://www.vupen.com/english/advisories/2010/1128

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-1286?
CVE-2010-1286 has a critical severity rating due to its potential for exploitation leading to denial of service or arbitrary code execution.
How do I fix CVE-2010-1286?
The recommended fix for CVE-2010-1286 is to update to Adobe Shockwave Player version 11.5.7.609 or later.
What types of attacks can exploit CVE-2010-1286?
CVE-2010-1286 can be exploited to perform denial of service attacks or execute arbitrary code on the affected systems.
Which versions of Adobe Shockwave Player are affected by CVE-2010-1286?
CVE-2010-1286 affects all versions of Adobe Shockwave Player prior to 11.5.7.609.
Is there a workaround for CVE-2010-1286 if I cannot update?
Currently, the best mitigation for CVE-2010-1286 is to discontinue use of the vulnerable versions until updates can be applied.

collector/nvd-historical
agent/references
agent/type
agent/remedy
agent/softwarecombine
agent/weakness
agent/severity
agent/author
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/adobe
canonical/adobe shockwave player
version/adobe shockwave player/11.5.6.606
version/adobe shockwave player/1.0
version/adobe shockwave player/2.0
version/adobe shockwave player/3.0
version/adobe shockwave player/4.0
version/adobe shockwave player/5.0
version/adobe shockwave player/6.0
version/adobe shockwave player/8.0
version/adobe shockwave player/8.5.1
version/adobe shockwave player/9
version/adobe shockwave player/10.1.0.11
version/adobe shockwave player/11.0.0.456
version/adobe shockwave player/11.5.0.595
version/adobe shockwave player/11.5.0.596
version/adobe shockwave player/11.5.1.601
version/adobe shockwave player/11.5.2.602
vendor/apple
canonical/apple macos
vendor/microsoft
canonical/microsoft windows
canonical/microsoft windows 7
canonical/microsoft windows server 2003
canonical/microsoft windows server 2008 itanium
canonical/microsoft windows vista

Frequently Asked Questions

What is the severity of CVE-2010-1286?
CVE-2010-1286 has a critical severity rating due to its potential for exploitation leading to denial of service or arbitrary code execution.
How do I fix CVE-2010-1286?
The recommended fix for CVE-2010-1286 is to update to Adobe Shockwave Player version 11.5.7.609 or later.
What types of attacks can exploit CVE-2010-1286?
CVE-2010-1286 can be exploited to perform denial of service attacks or execute arbitrary code on the affected systems.
Which versions of Adobe Shockwave Player are affected by CVE-2010-1286?
CVE-2010-1286 affects all versions of Adobe Shockwave Player prior to 11.5.7.609.
Is there a workaround for CVE-2010-1286 if I cannot update?
Currently, the best mitigation for CVE-2010-1286 is to discontinue use of the vulnerable versions until updates can be applied.

CVE-2010-1286: Buffer Overflow

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-1286?

How do I fix CVE-2010-1286?

What types of attacks can exploit CVE-2010-1286?

Which versions of Adobe Shockwave Player are affected by CVE-2010-1286?

Is there a workaround for CVE-2010-1286 if I cannot update?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2010-1286?

How do I fix CVE-2010-1286?

What types of attacks can exploit CVE-2010-1286?

Which versions of Adobe Shockwave Player are affected by CVE-2010-1286?

Is there a workaround for CVE-2010-1286 if I cannot update?