9.3

CVE-2010-2874

EPSS 10.34%
Published 07.09.2010 18:00:02
Last modified 11.04.2025 00:51:21
Source psirt@adobe.com
Teams watchlist Login
Open Login

Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to execute arbitrary code via unknown vectors that trigger memory corruption.  NOTE: due to conflicting information and use of the same CVE identifier by the vendor, ZDI, and TippingPoint, it is not clear whether this issue is related to use of an uninitialized pointer, an incorrect pointer offset calculation, or both.

Affected products Warnungen 0 Metrics 2 CWE 0 References 7

Data is provided by the National Vulnerability Database (NVD)

Adobe ≫ Shockwave Player Version <= 11.5.7.609

Adobe ≫ Shockwave Player Version1.0

Adobe ≫ Shockwave Player Version2.0

Adobe ≫ Shockwave Player Version3.0

Adobe ≫ Shockwave Player Version4.0

Adobe ≫ Shockwave Player Version5.0

Adobe ≫ Shockwave Player Version6.0

Adobe ≫ Shockwave Player Version8.0

Adobe ≫ Shockwave Player Version8.0.196

Adobe ≫ Shockwave Player Version8.0.196a

Adobe ≫ Shockwave Player Version8.0.204

Adobe ≫ Shockwave Player Version8.0.205

Adobe ≫ Shockwave Player Version8.5.1

Adobe ≫ Shockwave Player Version8.5.1.100

Adobe ≫ Shockwave Player Version8.5.1.103

Adobe ≫ Shockwave Player Version8.5.1.105

Adobe ≫ Shockwave Player Version8.5.1.106

Adobe ≫ Shockwave Player Version8.5.321

Adobe ≫ Shockwave Player Version8.5.323

Adobe ≫ Shockwave Player Version8.5.324

Adobe ≫ Shockwave Player Version8.5.325

Adobe ≫ Shockwave Player Version9

Adobe ≫ Shockwave Player Version9.0.383

Adobe ≫ Shockwave Player Version9.0.432

Adobe ≫ Shockwave Player Version10.0.0.210

Adobe ≫ Shockwave Player Version10.0.1.004

Adobe ≫ Shockwave Player Version10.1.0.11

Adobe ≫ Shockwave Player Version10.1.0.011

Adobe ≫ Shockwave Player Version10.1.1.016

Adobe ≫ Shockwave Player Version10.1.4.020

Adobe ≫ Shockwave Player Version10.2.0.021

Adobe ≫ Shockwave Player Version10.2.0.022

Adobe ≫ Shockwave Player Version10.2.0.023

Adobe ≫ Shockwave Player Version11.0.0.456

Adobe ≫ Shockwave Player Version11.0.3.471

Adobe ≫ Shockwave Player Version11.5.0.595

Adobe ≫ Shockwave Player Version11.5.0.596

Adobe ≫ Shockwave Player Version11.5.1.601

Adobe ≫ Shockwave Player Version11.5.2.602

Adobe ≫ Shockwave Player Version11.5.6.606

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	10.34%	0.924

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://www.adobe.com/support/security/bulletins/apsb10-20.html

Patch

Vendor Advisory

http://www.securitytracker.com/id?1024361

http://www.vupen.com/english/advisories/2010/2176

Vendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11924

https://nvd.nist.gov/vuln/detail/CVE-2010-2874

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-2874

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-2874

EUVD