[CVE-2010-1297] Adobe Flash Player Memory Corruption Vulnerability

NVD 상세 정보

설명: Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.

CWE: CWE-787 | CWE-787

참조

• http://blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash/ [Exploit]
• http://community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx [Broken Link]
• http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 [Broken Link]
• http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html [Mailing List, Third Party Advisory]
• http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html [Mailing List, Third Party Advisory]
• http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html [Mailing List, Third Party Advisory]
• http://secunia.com/advisories/40026 [Broken Link, Vendor Advisory]
• http://secunia.com/advisories/40034 [Broken Link, Vendor Advisory]
• http://secunia.com/advisories/40144 [Broken Link]
• http://secunia.com/advisories/40545 [Broken Link]
• http://secunia.com/advisories/43026 [Broken Link]
• http://security.gentoo.org/glsa/glsa-201101-09.xml [Third Party Advisory]
• http://securitytracker.com/id?1024057 [Broken Link, Third Party Advisory, VDB Entry]
• http://securitytracker.com/id?1024058 [Broken Link, Third Party Advisory, VDB Entry]
• http://securitytracker.com/id?1024085 [Broken Link, Third Party Advisory, VDB Entry]
• ... 외 72건