9.3
CVE-2010-3636
- EPSS 5.26%
- Veröffentlicht 07.11.2010 22:00:01
- Zuletzt bearbeitet 16.06.2026 23:23:11
- Quelle psirt@adobe.com
- CVE-Watchlists
- Unerledigt
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, does not properly handle unspecified encodings during the parsing of a cross-domain policy file, which allows remote web servers to bypass intended access restrictions via unknown vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Flash Player Version >= 9.0 < 9.0.289.0
Adobe ≫ Flash Player Version >= 10.0 < 10.1.102.64
Adobe ≫ Flash Player Version <= 10.1.95.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.26% | 0.915 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
http://secunia.com/advisories/43026
http://security.gentoo.org/glsa/glsa-201101-09.xml
http://support.apple.com/kb/HT4435
http://www.vupen.com/english/advisories/2011/0192
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html
http://marc.info/?l=bugtraq&m=130331642631603&w=2
http://www.adobe.com/support/security/bulletins/apsb10-26.html
http://www.vupen.com/english/advisories/2010/2903
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1
http://secunia.com/advisories/42183
http://secunia.com/advisories/42926
http://www.redhat.com/support/errata/RHSA-2010-0829.html
http://www.redhat.com/support/errata/RHSA-2010-0834.html
http://www.redhat.com/support/errata/RHSA-2010-0867.html
http://www.vupen.com/english/advisories/2010/2906
http://www.vupen.com/english/advisories/2010/2918
http://www.vupen.com/english/advisories/2011/0173
http://jvn.jp/en/jp/JVN48425028/index.html
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000054.html
http://www.securityfocus.com/bid/44691
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12142
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15913