CVE-2010-0379

Multiple unspecified vulnerabilities in the Macromedia Flash ActiveX control in Adobe Flash Player 6, as distributed in Microsoft Windows XP SP2 and SP3, might allow remote attackers to execute arbitrary code via unspecified vectors that are not related to the use-after-free "Movie Unloading Vulnerability" (CVE-2010-0378). NOTE: due to lack of details, it is not clear whether this overlaps any other CVE item.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/27105	Vendor Advisory
http://securitytracker.com/id?1023435
http://www.microsoft.com/technet/security/advisory/979267.mspx	Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14146

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:adobe:flash_player:6.0.21.0:::::::*
	cpe:2.3:a:adobe:flash_player:6.0.79:::::::*

OR	cpe:2.3:o:microsoft:windows_xp::sp2::::::*
	cpe:2.3:o:microsoft:windows_xp::sp3::::::*
	cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:::::*

History

No history.

Information

Published : 2010-01-21 23:30

Updated : 2024-02-28 11:41

NVD link : CVE-2010-0379

Mitre link : CVE-2010-0379

CVE.ORG link : CVE-2010-0379

JSON object : View

Products Affected

microsoft

windows_xp

adobe

flash_player

CWE

NVD-CWE-noinfo

{"id": "CVE-2010-0379", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-01-21T23:30:00.507", "references": [{"url": "http://secunia.com/advisories/27105", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1023435", "source": "cve@mitre.org"}, {"url": "http://www.microsoft.com/technet/security/advisory/979267.mspx", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14146", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in the Macromedia Flash ActiveX control in Adobe Flash Player 6, as distributed in Microsoft Windows XP SP2 and SP3, might allow remote attackers to execute arbitrary code via unspecified vectors that are not related to the use-after-free \"Movie Unloading Vulnerability\" (CVE-2010-0378). NOTE: due to lack of details, it is not clear whether this overlaps any other CVE item."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades no especificadas en el control ActiveX de Macromedia Flash en Flash Player de Adobe versi\u00f3n 6, tal y como es distribuido en Windows XP de Microsoft SP2 y SP3, podr\u00edan permitir a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de vectores no especificados que no est\u00e1n relacionados con el uso de memoria previamente liberada de la \"Movie Unloading Vulnerability\" (CVE-2010-0378). NOTA: debido a la falta de detalles, no est\u00e1 claro si esto se solapa a cualquier otro elemento CVE."}], "lastModified": "2017-09-19T01:30:22.220", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7143E94B-F3CD-4E32-A7BB-C72C816EEACA"}, {"criteria": "cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4654752C-F677-4066-8C48-BAD09392A594"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656"}, {"criteria": "cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FFAC3F90-77BF-4F56-A89B-8A3D2D1FC6D6"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}