CVE-2010-2173: Buffer Overflow
First published: Tue Jun 15 2010(Updated: )
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newclass (0x58) operator, a different vulnerability than CVE-2010-2174.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Macromedia Flash Player | =9.0.125.0 | |
| Macromedia Flash Player | =9.0.48.0 | |
| Macromedia Flash Player | =9.0.262.0 | |
| Macromedia Flash Player | =9.0.124.0 | |
| Macromedia Flash Player | =9.0.47.0 | |
| Macromedia Flash Player | =9.0.20.0 | |
| Macromedia Flash Player | =9.0.31.0 | |
| Macromedia Flash Player | =9.0.260.0 | |
| Macromedia Flash Player | =9.0.159.0 | |
| Macromedia Flash Player | =9.0.16 | |
| Macromedia Flash Player | =9.0.28.0 | |
| Macromedia Flash Player | =9.0.28 | |
| Macromedia Flash Player | =9.0.45.0 | |
| Macromedia Flash Player | =9.0.31 | |
| Macromedia Flash Player | =9.0.115.0 | |
| Macromedia Flash Player | =9.0.151.0 | |
| Macromedia Flash Player | =9.0.20 | |
| Macromedia Flash Player | =9.0.246.0 | |
| Macromedia Flash Player | =9.0.152.0 | |
| Macromedia Flash Player | <=10.0.45.2 | |
| Macromedia Flash Player | =10.0.15.3 | |
| Macromedia Flash Player | =10.0.12.36 | |
| Macromedia Flash Player | =10.0.42.34 | |
| Macromedia Flash Player | =10.0.0.584 | |
| Macromedia Flash Player | =10.0.22.87 | |
| Macromedia Flash Player | =10.0.32.18 | |
| Macromedia Flash Player | =10.0.12.10 | |
| Adobe Flash Player | =5.0 | |
| Macromedia Flash Player | =8.0.24.0 | |
| Macromedia Flash Player | =7.0.14.0 | |
| Macromedia Flash Player | =6.0.79 | |
| Macromedia Flash Player | =7.0.66.0 | |
| Macromedia Flash Player | =7.0.60.0 | |
| Macromedia Flash Player | =7.1.1 | |
| Macromedia Flash Player | =7.0.63 | |
| Macromedia Flash Player | =7.0.70.0 | |
| Macromedia Flash Player | =7.0.19.0 | |
| Macromedia Flash Player | =8.0.35.0 | |
| Macromedia Flash Player | =7.0.53.0 | |
| Macromedia Flash Player | =7.0.67.0 | |
| Macromedia Flash Player | =8.0.22.0 | |
| Adobe Flash Player | =5.0.42.0 | |
| Macromedia Flash Player | =8.0.42.0 | |
| Adobe Flash Player | =5.0.58.0 | |
| Macromedia Flash Player | =7.0.69.0 | |
| Macromedia Flash Player | =7.0 | |
| Macromedia Flash Player | =7.2 | |
| Macromedia Flash Player | =7.0.68.0 | |
| Adobe Flash Player | =5.0.41.0 | |
| Macromedia Flash Player | =7.0.25 | |
| Macromedia Flash Player | =8.0 | |
| Macromedia Flash Player | =8.0.33.0 | |
| Macromedia Flash Player | =7.0.24.0 | |
| Macromedia Flash Player | =8.0.39.0 | |
| Macromedia Flash Player | =7.0.73.0 | |
| Macromedia Flash Player | =8.0.34.0 | |
| Macromedia Flash Player | =7.1 | |
| Adobe Flash Player | =5.0.30.0 | |
| Macromedia Flash Player | =7.0.61.0 | |
| Macromedia Flash Player | =7.0.1 | |
| Adobe | =1.5.2 | |
| Adobe | =1.5.3 | |
| Adobe | =1.5 | |
| Adobe | =1.0 | |
| Adobe | =1.1 | |
| Adobe | <=1.5.3.9130 | |
| Adobe | =1.5.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
- http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
- http://secunia.com/advisories/40144
- http://secunia.com/advisories/40545
- http://secunia.com/advisories/43026
- http://security.gentoo.org/glsa/glsa-201101-09.xml
- http://securitytracker.com/id?1024085
- http://securitytracker.com/id?1024086
- http://support.apple.com/kb/HT4435
- http://www.adobe.com/support/security/bulletins/apsb10-14.html
- http://www.redhat.com/support/errata/RHSA-2010-0464.html
- http://www.redhat.com/support/errata/RHSA-2010-0470.html
- http://www.securityfocus.com/archive/1/511848/100/0/threaded
- http://www.securityfocus.com/bid/40759
- http://www.securityfocus.com/bid/40800
- http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt
- http://www.us-cert.gov/cas/techalerts/TA10-162A.html
- http://www.vupen.com/english/advisories/2010/1421
- http://www.vupen.com/english/advisories/2010/1432
- http://www.vupen.com/english/advisories/2010/1434
- http://www.vupen.com/english/advisories/2010/1453
- http://www.vupen.com/english/advisories/2010/1482
- http://www.vupen.com/english/advisories/2010/1522
- http://www.vupen.com/english/advisories/2010/1793
- http://www.vupen.com/english/advisories/2011/0192
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16261
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6762
Frequently Asked Questions
What is the severity of CVE-2010-2173?
CVE-2010-2173 is rated as critical as it allows attackers to execute arbitrary code due to an invalid pointer vulnerability.
How do I fix CVE-2010-2173?
To mitigate CVE-2010-2173, update your Adobe Flash Player or Adobe AIR to the latest versions, which address the vulnerability.
Which versions are affected by CVE-2010-2173?
CVE-2010-2173 affects Adobe Flash Player versions before 9.0.277.0 and 10.x before 10.1.53.64, as well as Adobe AIR versions before 2.0.2.12610.
What are the potential impacts of CVE-2010-2173?
The potential impacts of CVE-2010-2173 include arbitrary code execution which can lead to system compromise or data breaches.
Is there a workaround for CVE-2010-2173?
There are no known workarounds for CVE-2010-2173; the only effective measure is to update to the patched software versions.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/author
- agent/remedy
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/adobe
- canonical/macromedia flash player
- version/macromedia flash player/9.0.125.0
- version/macromedia flash player/9.0.48.0
- version/macromedia flash player/9.0.262.0
- version/macromedia flash player/9.0.124.0
- version/macromedia flash player/9.0.47.0
- version/macromedia flash player/9.0.20.0
- version/macromedia flash player/9.0.31.0
- version/macromedia flash player/9.0.260.0
- version/macromedia flash player/9.0.159.0
- version/macromedia flash player/9.0.16
- version/macromedia flash player/9.0.28.0
- version/macromedia flash player/9.0.28
- version/macromedia flash player/9.0.45.0
- version/macromedia flash player/9.0.31
- version/macromedia flash player/9.0.115.0
- version/macromedia flash player/9.0.151.0
- version/macromedia flash player/9.0.20
- version/macromedia flash player/9.0.246.0
- version/macromedia flash player/9.0.152.0
- version/macromedia flash player/10.0.45.2
- version/macromedia flash player/10.0.15.3
- version/macromedia flash player/10.0.12.36
- version/macromedia flash player/10.0.42.34
- version/macromedia flash player/10.0.0.584
- version/macromedia flash player/10.0.22.87
- version/macromedia flash player/10.0.32.18
- version/macromedia flash player/10.0.12.10
- vendor/macromedia
- canonical/adobe flash player
- version/adobe flash player/5.0
- version/macromedia flash player/8.0.24.0
- version/macromedia flash player/7.0.14.0
- version/macromedia flash player/6.0.79
- version/macromedia flash player/7.0.66.0
- version/macromedia flash player/7.0.60.0
- version/macromedia flash player/7.1.1
- version/macromedia flash player/7.0.63
- version/macromedia flash player/7.0.70.0
- version/macromedia flash player/7.0.19.0
- version/macromedia flash player/8.0.35.0
- version/macromedia flash player/7.0.53.0
- version/macromedia flash player/7.0.67.0
- version/macromedia flash player/8.0.22.0
- version/adobe flash player/5.0.42.0
- version/macromedia flash player/8.0.42.0
- version/adobe flash player/5.0.58.0
- version/macromedia flash player/7.0.69.0
- version/macromedia flash player/7.0
- version/macromedia flash player/7.2
- version/macromedia flash player/7.0.68.0
- version/adobe flash player/5.0.41.0
- version/macromedia flash player/7.0.25
- version/macromedia flash player/8.0
- version/macromedia flash player/8.0.33.0
- version/macromedia flash player/7.0.24.0
- version/macromedia flash player/8.0.39.0
- version/macromedia flash player/7.0.73.0
- version/macromedia flash player/8.0.34.0
- version/macromedia flash player/7.1
- version/adobe flash player/5.0.30.0
- version/macromedia flash player/7.0.61.0
- version/macromedia flash player/7.0.1
- canonical/adobe
- version/adobe/1.5.2
- version/adobe/1.5.3
- version/adobe/1.5
- version/adobe/1.0
- version/adobe/1.1
- version/adobe/1.5.3.9130
- version/adobe/1.5.1