9.3

CVE-2010-3636

EPSS 2.26%
Published 07.11.2010 22:00:01
Last modified 11.04.2025 00:51:21
Source psirt@adobe.com
Teams watchlist Login
Open Login

Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, does not properly handle unspecified encodings during the parsing of a cross-domain policy file, which allows remote web servers to bypass intended access restrictions via unknown vectors.

Affected products Warnungen 0 Metrics 2 CWE 0 References 26

Data is provided by the National Vulnerability Database (NVD)

Adobe ≫ Flash Player Version >= 9.0 < 9.0.289.0

   Apple ≫ macOS X Version-
   Linux ≫ Linux Kernel Version-
   Microsoft ≫ Windows Version-
   Sun ≫ Solaris Version-

Adobe ≫ Flash Player Version >= 10.0 < 10.1.102.64

   Apple ≫ macOS X Version-
   Linux ≫ Linux Kernel Version-
   Microsoft ≫ Windows Version-
   Sun ≫ Solaris Version-

Adobe ≫ Flash Player Version <= 10.1.95.1

Google ≫ Android Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.26%	0.839

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

Third Party Advisory

Mailing List

http://secunia.com/advisories/43026

Third Party Advisory

http://security.gentoo.org/glsa/glsa-201101-09.xml

Third Party Advisory

http://support.apple.com/kb/HT4435

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0192

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html

Third Party Advisory

http://marc.info/?l=bugtraq&m=130331642631603&w=2

Third Party Advisory

Mailing List

http://www.adobe.com/support/security/bulletins/apsb10-26.html

Patch

Vendor Advisory

http://www.vupen.com/english/advisories/2010/2903

Third Party Advisory

http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1

Broken Link

http://secunia.com/advisories/42183

Third Party Advisory

http://secunia.com/advisories/42926

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2010-0829.html

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2010-0834.html

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2010-0867.html

Third Party Advisory

http://www.vupen.com/english/advisories/2010/2906

Third Party Advisory

http://www.vupen.com/english/advisories/2010/2918

Third Party Advisory

http://www.vupen.com/english/advisories/2011/0173

Third Party Advisory

http://jvn.jp/en/jp/JVN48425028/index.html

Third Party Advisory

VDB Entry

http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000054.html

Third Party Advisory

VDB Entry

http://www.securityfocus.com/bid/44691

Third Party Advisory

VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12142

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15913

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2010-3636

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-3636

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-3636

EUVD