CVE-2010-1297 – Adobe Flash Player Memory Corruption Vulnerability

https://notcve.org/view.php?id=CVE-2010-1297

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010. Vulnerabilidad sin especificar en Adobe Flash Player v9.0.x a v9.0.262 y v10.x a v10.0.45.2, y authplay.dl en Adobe Reader y Acrobat v9.x a 9.3.2, permite a atacantes remotos ejecutar código a su elección a través de contenido SWF manipulado, se explota activamente desde Junio de 2010. Adobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS). • https://www.exploit-db.com/exploits/13787 https://www.exploit-db.com/exploits/14853 https://www.exploit-db.com/exploits/16614 https://www.exploit-db.com/exploits/16687 http://blog.zynamics.com/2010/06/09/analyzing-the-currently-exploited-0-day-for-adobe-reader-and-adobe-flash http://community.websense.com/blogs/securitylabs/archive/2010/06/09/having-fun-with-adobe-0-day-exploits.aspx http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 http://lists.apple.com& • CWE-787: Out-of-bounds Write •