FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2010-3654

This CVE name corresponds to:

Entered	Topic
2010-11-06	linux-flashplugin -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2010-3654 at cve.mitre.org

Details

Type	Candidate
Name	CVE-2010-3654
Phase	Assigned(20100928)

Description

Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.

References

Source	Reference
MISC	http://contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.html
CONFIRM	http://www.adobe.com/support/security/advisories/apsa10-05.html
CONFIRM	http://www.adobe.com/support/security/bulletins/apsb10-26.html
CONFIRM	http://support.apple.com/kb/HT4435
CONFIRM	http://www.adobe.com/support/security/bulletins/apsb10-28.html
CONFIRM	http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1
APPLE	APPLE-SA-2010-11-10-1
GENTOO	GLSA-201101-08
GENTOO	GLSA-201101-09
REDHAT	RHSA-2010:0829
REDHAT	RHSA-2010:0834
REDHAT	RHSA-2010:0934
REDHAT	RHSA-2010:0867
SUSE	SUSE-SA:2010:058
SUSE	SUSE-SA:2010:055
TURBO	TLSA-2011-2
CERT-VN	VU#298081
BID	44504
OVAL	oval:org.mitre.oval:def:13294
SECTRACK	1024659
SECTRACK	1024660
SECUNIA	41917
SECUNIA	42030
SECUNIA	42183
SECUNIA	42401
SECUNIA	42926
SECUNIA	43025
SECUNIA	43026
SREASON	8210
VUPEN	ADV-2010-2903
VUPEN	ADV-2010-2906
VUPEN	ADV-2010-2918
VUPEN	ADV-2010-3111
VUPEN	ADV-2011-0173
VUPEN	ADV-2011-0191
VUPEN	ADV-2011-0192
VUPEN	ADV-2011-0344