CVSS: 4.3EPSS: 0%CPEs: 43EXPL: 0CVE-2010-3638
https://notcve.org/view.php?id=CVE-2010-3638
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Mac OS X, when Safari is used, allows attackers to obtain sensitive information via unknown vectors. Vulnerabilidad no especificada en Adobe Flash Player en versiones anteriores a la 9.0.289.0 y 10.x en versiones anteriores a la 10.1.102.64 en Mac OS X, al usar Safari, permite a atacantes obtener información sensible a través de vectores desconocidos. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html http://marc.info/?l=bugtraq&m=130331642631603&w=2 http://support.apple.com/kb/HT4435 http://www.adobe.com/support/security/bulletins/apsb10-26.html http://www.securityfocus.com/bid/44693 http://www.vupen.com/english/advisories/2010/2903 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11979 https:& •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2010-3643 – flash-plugin: security bulletin APSB10-26
https://notcve.org/view.php?id=CVE-2010-3643
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652. Vulnerabilidad no especificada en Adobe Flash Player en versiones anteriores a la 9.0.289.0 y 10.x en versiones anteriores a la 10.1.102.64 en Windows, Mac OS X, Linux y Solaris, y 10.1.95.1 en Android, permite a atacantes ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria) a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650 y CVE-2010-3652. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html http://marc.info/?l=bugtraq&m=130331642631603&w=2 http://secunia.com/advisories/42183 http://secunia.com/advisories/42926 http://secunia.com/advisories/43026 http://security.gentoo.org/glsa/glsa-201101-09.xml http://support.apple.com/kb/HT4435 http:// •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2010-3641 – flash-plugin: security bulletin APSB10-26
https://notcve.org/view.php?id=CVE-2010-3641
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652. Vulnerabilidad no especificada en Adobe Flash Player anterior v9.0.289.0 y v10.x anterior v10.1.102.64 en Windows, Mac OS X, Linux, y Solaris, y v10.1.95.1 en Android, permite 00a atacantes ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria) a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2010-3640, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, y CVE-2010-3652. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html http://marc.info/?l=bugtraq&m=130331642631603&w=2 http://secunia.com/advisories/42183 http://secunia.com/advisories/42926 http://secunia.com/advisories/43026 http://security.gentoo.org/glsa/glsa-201101-09.xml http://support.apple.com/kb/HT4435 http:// •
CVSS: 9.3EPSS: 1%CPEs: 8EXPL: 0CVE-2010-3636 – flash-plugin: security bulletin APSB10-26
https://notcve.org/view.php?id=CVE-2010-3636
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, does not properly handle unspecified encodings during the parsing of a cross-domain policy file, which allows remote web servers to bypass intended access restrictions via unknown vectors. Adobe Flash Player anterior v9.0.289.0 y v10.x anterior a v10.1.102.64 en Windows, Mac OS X, Linux, y Solaris, y v10.1.95.1 en Android, no maneja adecuadamente codificaciones no especificadas durante el parseo de los ficheros de políticas de cruce de dominios, lo que permite a servidores web remotos evitar las restricciones de acceso a través de vectores no especificados. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1 http://jvn.jp/en/jp/JVN48425028/index.html http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000054.html http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html http://marc.info/?l=bugtraq&m=130331642631603&w=2 http://secunia.com/advisories/42183 http://secunia.com/advisories/42926 http://secunia.com/advisories • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 14%CPEs: 3EXPL: 0CVE-2010-3637
https://notcve.org/view.php?id=CVE-2010-3637
An unspecified ActiveX control in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 (Flash10h.ocx) on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FLV video. Un control ActiveX no especificados en Adobe Flash Player anterior a versión 9.0.289.0 y versión 10.x anterior a 10.1.102.64 (Flash10h.ocx) en Windows permiten que los atacantes remotos ejecuten códigos arbitrarios o causen una denegación de servicio (corrupción de memoria) por medio de un video FLV creado. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1 http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html http://marc.info/?l=bugtraq&m=130331642631603&w=2 http://secunia.com/advisories/42926 http://www.adobe.com/support/security/bulletins/apsb10-26.html http://www.securityfocus.com/archive/1/514652/100/0/threaded http://www.securityfocus.com/bid/44690 http://www.vupen.com/english/advisories/2010/2903 http://www.vupen.com/english/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •