9.3

CVE-2010-3636

EPSS 1.68%
Veröffentlicht 07.11.2010 22:00:01
Zuletzt bearbeitet 29.04.2026 01:13:23
Quelle psirt@adobe.com
CVE-Watchlists
Login
Unerledigt
Login

Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, does not properly handle unspecified encodings during the parsing of a cross-domain policy file, which allows remote web servers to bypass intended access restrictions via unknown vectors.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 26

NVD 3 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Adobe ≫ Flash Player Version >= 9.0 < 9.0.289.0

   Apple ≫ macOS X Version-
   Linux ≫ Linux Kernel Version-
   Microsoft ≫ Windows Version-
   Sun ≫ Solaris Version-

Adobe ≫ Flash Player Version >= 10.0 < 10.1.102.64

   Apple ≫ macOS X Version-
   Linux ≫ Linux Kernel Version-
   Microsoft ≫ Windows Version-
   Sun ≫ Solaris Version-

Adobe ≫ Flash Player Version <= 10.1.95.1

Google ≫ Android Version-

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.68%	0.818

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

Third Party Advisory

Mailing List

http://secunia.com/advisories/43026

Third Party Advisory

http://security.gentoo.org/glsa/glsa-201101-09.xml

Third Party Advisory

http://support.apple.com/kb/HT4435

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0192

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html

Third Party Advisory

http://marc.info/?l=bugtraq&m=130331642631603&w=2

Third Party Advisory

Mailing List

http://www.adobe.com/support/security/bulletins/apsb10-26.html

Patch

Vendor Advisory

http://www.vupen.com/english/advisories/2010/2903

Third Party Advisory

http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1

Broken Link

http://secunia.com/advisories/42183

Third Party Advisory

http://secunia.com/advisories/42926

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2010-0829.html

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2010-0834.html

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2010-0867.html

Third Party Advisory

http://www.vupen.com/english/advisories/2010/2906

Third Party Advisory

http://www.vupen.com/english/advisories/2010/2918

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0173

Third Party Advisory

http://jvn.jp/en/jp/JVN48425028/index.html

Third Party Advisory

VDB Entry

http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000054.html

Third Party Advisory

VDB Entry

http://www.securityfocus.com/bid/44691

Third Party Advisory

VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12142

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15913

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2010-3636

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-3636

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-3636

EUVD