1. Home
  2. CVE Database
  3. CVE-2010-3654
HIGH · 9.3

CVE-2010-3654

Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in ...

Vulnerability Description

Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.

CVSS Score

9.3

HIGH

AV:N/AC:M/Au:N/C:C/I:C/A:C
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE

Affected Products

VendorProductVersions
AdobeFlash Player<= 10.1.85.3
MacromediaFlash Player5.0
AppleMac Os XAll versions
LinuxLinux KernelAll versions
MicrosoftWindowsAll versions
OracleSolarisAll versions
GoogleAndroidAll versions
AdobeAcrobat9.0
AdobeAcrobat Reader9.0

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2010-3654?

CVE-2010-3654 is a vulnerability with a CVSS score of 9.3 (HIGH). Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in ...

How severe is CVE-2010-3654?

CVE-2010-3654 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2010-3654?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Macromedia Flash Player, Apple Mac Os X, Linux Linux Kernel, Microsoft Windows.