FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2010-2174

This CVE name corresponds to:

Entered Topic
2010-06-14 linux-flashplugin -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2010-2174 at cve.mitre.org

Details

Type Candidate
Name CVE-2010-2174
Phase Assigned(20100607)

Description

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newfunction (0x44) operator, a different vulnerability than CVE-2010-2173.

References

Source Reference
BUGTRAQ 20100616 VUPEN Security Research - Adobe Flash Player "newfunction" Invalid Pointer Vulnerability (CVE-2010-2174)
CONFIRM http://www.adobe.com/support/security/bulletins/apsb10-14.html
CONFIRM http://support.apple.com/kb/HT4435
APPLE APPLE-SA-2010-11-10-1
GENTOO GLSA-201101-09
HP HPSBMA02547
HP SSRT100179
REDHAT RHSA-2010:0464
REDHAT RHSA-2010:0470
SUSE SUSE-SA:2010:024
SUSE SUSE-SR:2010:013
TURBO TLSA-2010-19
CERT TA10-162A
BID 40759
BID 40805
OVAL oval:org.mitre.oval:def:7528
OVAL oval:org.mitre.oval:def:15360
SECTRACK 1024085
SECTRACK 1024086
SECUNIA 40144
SECUNIA 40545
SECUNIA 43026
VUPEN ADV-2010-1453
VUPEN ADV-2010-1421
VUPEN ADV-2010-1432
VUPEN ADV-2010-1434
VUPEN ADV-2010-1482
VUPEN ADV-2010-1522
VUPEN ADV-2010-1793
VUPEN ADV-2011-0192
XF adobe-fpair-invalidpointer-ce(59323)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.