CVE-2010-2171

Vulnerability Description

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors related to SWF files, decompression of embedded JPEG image data, and the DefineBits and other unspecified tags, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.

CVSS Score

Affected Products

Related Weaknesses (CWE)

References

• http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751
• http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
• http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html
• http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
• http://secunia.com/advisories/40144
• http://secunia.com/advisories/40545
• http://secunia.com/advisories/43026
• http://security.gentoo.org/glsa/glsa-201101-09.xml
• http://securitytracker.com/id?1024085
• http://securitytracker.com/id?1024086
• http://support.apple.com/kb/HT4435
• http://www.adobe.com/support/security/bulletins/apsb10-14.htmlPatchVendor Advisory
• http://www.redhat.com/support/errata/RHSA-2010-0464.html
• http://www.redhat.com/support/errata/RHSA-2010-0470.html
• http://www.securityfocus.com/archive/1/511860/100/0/threaded