CVE-2010-2884 — HIGH (9.3) — White Hats Nepal

Q: How severe is CVE-2010-2884?

CVE-2010-2884 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2010-2884?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Google Android, Adobe Acrobat Reader, Adobe Acrobat, Apple Mac Os X.

Vulnerability Description

Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010.

CVSS Score

9.3

HIGH

AV:N/AC:M/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Adobe	Flash Player	<= 10.1.82.76
Google	Android	All versions
Adobe	Acrobat Reader	<= 9.3.4
Adobe	Acrobat	<= 9.3.4
Apple	Mac Os X	All versions
Microsoft	Windows	All versions

References

FAQ

What is CVE-2010-2884?

CVE-2010-2884 is a vulnerability with a CVSS score of 9.3 (HIGH). Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader ...

How severe is CVE-2010-2884?

CVE-2010-2884 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2010-2884?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Google Android, Adobe Acrobat Reader, Adobe Acrobat, Apple Mac Os X.