CVE-2010-3637 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	9.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:C/I:C/A:C

Base Score

CVSS 3.x

EPSS Score

Percentile: 93%

Affected Products (NVD)

Vendor	Product	Version
adobe	flash_player	9.0 ≤ 𝑥 < 9.0.289.0
adobe	flash_player	10.0 ≤ 𝑥 < 10.1.102.64

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

adobe-flashplugin

dapper	dne
hardy	Fixed 10.1.102.64-1 released
karmic	Fixed 10.1.102.64-1karmic1 released
lucid	Fixed 10.1.102.64-1lucid1 released
maverick	Fixed 10.1.102.64-1maverick1 released

flashplugin-nonfree

dapper	ignored
hardy	Fixed 10.0.1.218+really9.0.289.0ubuntu1 released
karmic	Fixed 10.1.102.64ubuntu0.9.10.1 released
lucid	Fixed 10.1.102.64ubuntu0.10.04.1 released
maverick	Fixed 10.1.102.64ubuntu0.10.10.1 released

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html

http://marc.info/?l=bugtraq&m=130331642631603&w=2

http://secunia.com/advisories/42926

http://www.adobe.com/support/security/bulletins/apsb10-26.html

http://www.securityfocus.com/archive/1/514652/100/0/threaded

http://www.securityfocus.com/bid/44690

http://www.vupen.com/english/advisories/2010/2903

http://www.vupen.com/english/advisories/2011/0173

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12259

http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html

http://marc.info/?l=bugtraq&m=130331642631603&w=2

http://secunia.com/advisories/42926

http://www.adobe.com/support/security/bulletins/apsb10-26.html

http://www.securityfocus.com/archive/1/514652/100/0/threaded

http://www.securityfocus.com/bid/44690

http://www.vupen.com/english/advisories/2010/2903

http://www.vupen.com/english/advisories/2011/0173

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12259