CVE-2010-2164

Published: Jun 15, 2010Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to an unspecified "image type within a certain function."

Affected (67)

Products: Adobe: Flash Player, Air · Macromedia: Flash Player

2 products

1 product

Configuration A

19 vulnerable

Vulnerable Software	Affected Versions
Adobe Flash Player	Version 9.0.115.0
Adobe Flash Player	Version 9.0.124.0
Adobe Flash Player	Version 9.0.125.0
Adobe Flash Player	Version 9.0.151.0
Adobe Flash Player	Version 9.0.152.0
Adobe Flash Player	Version 9.0.159.0
Adobe Flash Player	Version 9.0.16
Adobe Flash Player	Version 9.0.20.0
Adobe Flash Player	Version 9.0.20
Adobe Flash Player	Version 9.0.246.0
Adobe Flash Player	Version 9.0.260.0
Adobe Flash Player	Version 9.0.262.0
Adobe Flash Player	Version 9.0.28.0
Adobe Flash Player	Version 9.0.28
Adobe Flash Player	Version 9.0.31.0
Adobe Flash Player	Version 9.0.31
Adobe Flash Player	Version 9.0.45.0
Adobe Flash Player	Version 9.0.47.0
Adobe Flash Player	Version 9.0.48.0

Configuration B

8 vulnerable

Vulnerable Software	Affected Versions
Adobe Flash Player	Up to 10.0.45.2
Adobe Flash Player	Version 10.0.0.584
Adobe Flash Player	Version 10.0.12.10
Adobe Flash Player	Version 10.0.12.36
Adobe Flash Player	Version 10.0.15.3
Adobe Flash Player	Version 10.0.22.87
Adobe Flash Player	Version 10.0.32.18
Adobe Flash Player	Version 10.0.42.34

Configuration C

33 vulnerable

Vulnerable Software	Affected Versions
Adobe Flash Player	Version 6.0.79
Adobe Flash Player	Version 7.0.14.0
Adobe Flash Player	Version 7.0.19.0
Adobe Flash Player	Version 7.0.1
Adobe Flash Player	Version 7.0.24.0
Adobe Flash Player	Version 7.0.25
Adobe Flash Player	Version 7.0.53.0
Adobe Flash Player	Version 7.0.60.0
Adobe Flash Player	Version 7.0.61.0
Adobe Flash Player	Version 7.0.63
Adobe Flash Player	Version 7.0.66.0
Adobe Flash Player	Version 7.0.67.0
Adobe Flash Player	Version 7.0.68.0
Adobe Flash Player	Version 7.0.69.0
Adobe Flash Player	Version 7.0.70.0
Adobe Flash Player	Version 7.0.73.0
Adobe Flash Player	Version 7.0
Adobe Flash Player	Version 7.1.1
Adobe Flash Player	Version 7.1
Adobe Flash Player	Version 7.2
Adobe Flash Player	Version 8.0.22.0
Adobe Flash Player	Version 8.0.24.0
Adobe Flash Player	Version 8.0.33.0
Adobe Flash Player	Version 8.0.34.0
Adobe Flash Player	Version 8.0.35.0
Adobe Flash Player	Version 8.0.39.0
Adobe Flash Player	Version 8.0.42.0
Adobe Flash Player	Version 8.0
Macromedia Flash Player	Version 5.0.30.0
Macromedia Flash Player	Version 5.0.41.0
Macromedia Flash Player	Version 5.0.42.0
Macromedia Flash Player	Version 5.0.58.0
Macromedia Flash Player	Version 5.0

Configuration D

7 vulnerable

Vulnerable Software	Affected Versions
Adobe Air	Up to 1.5.3.9130
Adobe Air	Version 1.0
Adobe Air	Version 1.1
Adobe Air	Version 1.5.1
Adobe Air	Version 1.5.2
Adobe Air	Version 1.5.3
Adobe Air	Version 1.5

Related CWEs

CWE-399

References (58)

http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751

Source: psirt@adobe.com

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=872

Source: psirt@adobe.com

http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

Source: psirt@adobe.com

http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html

Source: psirt@adobe.com

http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html

Source: psirt@adobe.com

http://secunia.com/advisories/40144

Source: psirt@adobe.com

Vendor Advisory

http://secunia.com/advisories/40545

Source: psirt@adobe.com

Vendor Advisory

http://secunia.com/advisories/43026

Source: psirt@adobe.com

Vendor Advisory

http://security.gentoo.org/glsa/glsa-201101-09.xml

Source: psirt@adobe.com

http://securitytracker.com/id?1024085

Source: psirt@adobe.com

http://securitytracker.com/id?1024086

Source: psirt@adobe.com

http://support.apple.com/kb/HT4435

Source: psirt@adobe.com

http://www.adobe.com/support/security/bulletins/apsb10-14.html

Source: psirt@adobe.com

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2010-0464.html

Source: psirt@adobe.com

http://www.redhat.com/support/errata/RHSA-2010-0470.html

Source: psirt@adobe.com

http://www.securityfocus.com/bid/40759

Source: psirt@adobe.com

http://www.securityfocus.com/bid/40780

Source: psirt@adobe.com

http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt

Source: psirt@adobe.com

http://www.us-cert.gov/cas/techalerts/TA10-162A.html

Source: psirt@adobe.com

US Government Resource

http://www.vupen.com/english/advisories/2010/1421

Source: psirt@adobe.com

Vendor Advisory

http://www.vupen.com/english/advisories/2010/1432

Source: psirt@adobe.com

Vendor Advisory

http://www.vupen.com/english/advisories/2010/1434

Source: psirt@adobe.com

Vendor Advisory

http://www.vupen.com/english/advisories/2010/1453

Source: psirt@adobe.com

Vendor Advisory

http://www.vupen.com/english/advisories/2010/1482

Source: psirt@adobe.com

Vendor Advisory

http://www.vupen.com/english/advisories/2010/1522

Source: psirt@adobe.com

Vendor Advisory

http://www.vupen.com/english/advisories/2010/1793

Source: psirt@adobe.com

Vendor Advisory

http://www.vupen.com/english/advisories/2011/0192

Source: psirt@adobe.com

Vendor Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15798

Source: psirt@adobe.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6765

Source: psirt@adobe.com

http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751