VRDA Feed : Provides information for vulnerability impact analysis

VRDA Feed by

Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis

[ about VRDA Feed | JPCERT/CC ]

Vulnerability Analysis Result (Revision No : 1)

[ Download XML ]

CVE-2010-2874

shockwave_player: Unspecified vulnerability in Adobe Shockwave Player...

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2874

Original

Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to execute arbitrary code via unknown vectors that trigger memory corruption. NOTE: due to conflicting information and use of the same CVE identifier by the vendor, ZDI, and TippingPoint, it is not clear whether this issue is related to use of an uninitialized pointer, an incorrect pointer offset calculation, or both.

Translation (Show)

About This Analysis Information

Analysis Information Provider:

NIST NVD

First Published:

2010-09-07

Source Information Category:

Advisory, Alert

Last Updated:

2010-09-07

Affected Product Tags

cpe:/a:adobe:shockwave_player:1.0

cpe:/a:adobe:shockwave_player:10.0.0.210

cpe:/a:adobe:shockwave_player:10.0.1.004

cpe:/a:adobe:shockwave_player:10.1.0.011

cpe:/a:adobe:shockwave_player:10.1.0.11

cpe:/a:adobe:shockwave_player:10.1.1.016

cpe:/a:adobe:shockwave_player:10.1.4.020

cpe:/a:adobe:shockwave_player:10.2.0.021

cpe:/a:adobe:shockwave_player:10.2.0.022

cpe:/a:adobe:shockwave_player:10.2.0.023

cpe:/a:adobe:shockwave_player:11.0.0.456

cpe:/a:adobe:shockwave_player:11.0.3.471

cpe:/a:adobe:shockwave_player:11.5.0.595

cpe:/a:adobe:shockwave_player:11.5.0.596

cpe:/a:adobe:shockwave_player:11.5.1.601

cpe:/a:adobe:shockwave_player:11.5.2.602

cpe:/a:adobe:shockwave_player:11.5.6.606

cpe:/a:adobe:shockwave_player:11.5.7.609 and previous versions

cpe:/a:adobe:shockwave_player:2.0

cpe:/a:adobe:shockwave_player:3.0

cpe:/a:adobe:shockwave_player:4.0

cpe:/a:adobe:shockwave_player:5.0

cpe:/a:adobe:shockwave_player:6.0

cpe:/a:adobe:shockwave_player:8.0

cpe:/a:adobe:shockwave_player:8.0.196

cpe:/a:adobe:shockwave_player:8.0.196a

cpe:/a:adobe:shockwave_player:8.0.204

cpe:/a:adobe:shockwave_player:8.0.205

cpe:/a:adobe:shockwave_player:8.5.1

cpe:/a:adobe:shockwave_player:8.5.1.100

cpe:/a:adobe:shockwave_player:8.5.1.103

cpe:/a:adobe:shockwave_player:8.5.1.105

cpe:/a:adobe:shockwave_player:8.5.1.106

cpe:/a:adobe:shockwave_player:8.5.321

cpe:/a:adobe:shockwave_player:8.5.323

cpe:/a:adobe:shockwave_player:8.5.324

cpe:/a:adobe:shockwave_player:8.5.325

cpe:/a:adobe:shockwave_player:9

cpe:/a:adobe:shockwave_player:9.0.383

cpe:/a:adobe:shockwave_player:9.0.432

Vulnerability Analysis Results

[Access Vector] ^[?]

Undefined^[?]

Local^[?]

Adjacent Network^[?]

Network^[?]

[Access Complexit] ^[?]

Undefined^[?]

High^[?]

Medium^[?]

Low^[?]

[Authentication] ^[?]

Undefined^[?]

Multiple^[?]

Single^[?]

None^[?]

[Confidentiality Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Integrity Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Availability Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

Alternatives

References

CONFIRM http://www.adobe.com/support/security/bulletins/apsb10-20.html

SECTRACK 1024361

VUPEN ADV-2010-2176

Vulnerability Type Resource Management Errors (CWE-399)