CVE-2010-3639 — HIGH (9.3) — White Hats Nepal

Q: How severe is CVE-2010-3639?

CVE-2010-3639 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2010-3639?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Apple Mac Os X, Linux Linux Kernel, Microsoft Windows, Sun Solaris.

Vulnerability Description

Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.

CVSS Score

9.3

HIGH

AV:N/AC:M/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Adobe	Flash Player	>= 9.0, < 9.0.289.0
Apple	Mac Os X	-
Linux	Linux Kernel	-
Microsoft	Windows	-
Sun	Solaris	-
Google	Android	-

References

http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1Broken Link
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.htmlThird Party Advisory
http://marc.info/?l=bugtraq&m=130331642631603&w=2Mailing ListThird Party Advisory
http://secunia.com/advisories/42183Third Party Advisory
http://secunia.com/advisories/42926Third Party Advisory
http://secunia.com/advisories/43026Third Party Advisory
http://security.gentoo.org/glsa/glsa-201101-09.xmlThird Party Advisory
http://support.apple.com/kb/HT4435Third Party Advisory
http://www.adobe.com/support/security/bulletins/apsb10-26.htmlPatchVendor Advisory
http://www.redhat.com/support/errata/RHSA-2010-0829.htmlThird Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0834.htmlThird Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0867.htmlThird Party Advisory
http://www.securityfocus.com/bid/44692Third Party AdvisoryVDB Entry
http://www.vupen.com/english/advisories/2010/2903Third Party Advisory

FAQ

What is CVE-2010-3639?

CVE-2010-3639 is a vulnerability with a CVSS score of 9.3 (HIGH). Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to cause a denial of s...

How severe is CVE-2010-3639?

CVE-2010-3639 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2010-3639?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Apple Mac Os X, Linux Linux Kernel, Microsoft Windows, Sun Solaris.