CVE-2010-3654
Summary
| CVE | CVE-2010-3654 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2010-10-29 19:00:00 UTC |
| Updated | 2017-09-19 01:31:00 UTC |
| Description | Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010. |
Risk And Classification
Problem Types: CWE-119
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Adobe | Acrobat | 9.0 | All | All | All |
| Application | Adobe | Acrobat | 9.1 | All | All | All |
| Application | Adobe | Acrobat | 9.1.1 | All | All | All |
| Application | Adobe | Acrobat | 9.1.2 | All | All | All |
| Application | Adobe | Acrobat | 9.1.3 | All | All | All |
| Application | Adobe | Acrobat | 9.2 | All | All | All |
| Application | Adobe | Acrobat | 9.3 | All | All | All |
| Application | Adobe | Acrobat | 9.3.1 | All | All | All |
| Application | Adobe | Acrobat | 9.3.2 | All | All | All |
| Application | Adobe | Acrobat | 9.3.3 | All | All | All |
| Application | Adobe | Acrobat | 9.3.4 | All | All | All |
| Application | Adobe | Acrobat | 9.4 | All | All | All |
| Application | Adobe | Acrobat | 9.0 | All | All | All |
| Application | Adobe | Acrobat | 9.1 | All | All | All |
| Application | Adobe | Acrobat | 9.1.1 | All | All | All |
| Application | Adobe | Acrobat | 9.1.2 | All | All | All |
| Application | Adobe | Acrobat | 9.1.3 | All | All | All |
| Application | Adobe | Acrobat | 9.2 | All | All | All |
| Application | Adobe | Acrobat | 9.3 | All | All | All |
| Application | Adobe | Acrobat | 9.3.1 | All | All | All |
| Application | Adobe | Acrobat | 9.3.2 | All | All | All |
| Application | Adobe | Acrobat | 9.3.3 | All | All | All |
| Application | Adobe | Acrobat | 9.3.4 | All | All | All |
| Application | Adobe | Acrobat | 9.4 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.0 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.1 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.1.1 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.1.2 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.1.3 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.2 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.3 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.3.1 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.3.2 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.3.3 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.3.4 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.4 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.0 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.1 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.1.1 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.1.2 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.1.3 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.2 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.3 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.3.1 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.3.2 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.3.3 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.3.4 | All | All | All |
| Application | Adobe | Acrobat Reader | 9.4 | All | All | All |
| Application | Adobe | Flash Player | 10.0.0.584 | All | All | All |
| Application | Adobe | Flash Player | 10.0.12.10 | All | All | All |
| Application | Adobe | Flash Player | 10.0.12.36 | All | All | All |
| Application | Adobe | Flash Player | 10.0.15.3 | All | All | All |
| Application | Adobe | Flash Player | 10.0.22.87 | All | All | All |
| Application | Adobe | Flash Player | 10.0.32.18 | All | All | All |
| Application | Adobe | Flash Player | 10.0.42.34 | All | All | All |
| Application | Adobe | Flash Player | 10.0.45.2 | All | All | All |
| Application | Adobe | Flash Player | 10.1.52.14.1 | All | All | All |
| Application | Adobe | Flash Player | 10.1.52.15 | All | All | All |
| Application | Adobe | Flash Player | 10.1.53.64 | All | All | All |
| Application | Adobe | Flash Player | 10.1.82.76 | All | All | All |
| Application | Adobe | Flash Player | 10.1.85.3 | All | All | All |
| Application | Adobe | Flash Player | 10.1.92.10 | All | All | All |
| Application | Adobe | Flash Player | 10.1.92.8 | All | All | All |
| Application | Adobe | Flash Player | 6.0.21.0 | All | All | All |
| Application | Adobe | Flash Player | 6.0.79 | All | All | All |
| Application | Adobe | Flash Player | 7.0 | All | All | All |
| Application | Adobe | Flash Player | 7.0.1 | All | All | All |
| Application | Adobe | Flash Player | 7.0.25 | All | All | All |
| Application | Adobe | Flash Player | 7.0.63 | All | All | All |
| Application | Adobe | Flash Player | 7.0.69.0 | All | All | All |
| Application | Adobe | Flash Player | 7.0.70.0 | All | All | All |
| Application | Adobe | Flash Player | 7.1 | All | All | All |
| Application | Adobe | Flash Player | 7.1.1 | All | All | All |
| Application | Adobe | Flash Player | 7.2 | All | All | All |
| Application | Adobe | Flash Player | 8.0 | All | All | All |
| Application | Adobe | Flash Player | 8.0.22.0 | All | All | All |
| Application | Adobe | Flash Player | 8.0.24.0 | All | All | All |
| Application | Adobe | Flash Player | 8.0.33.0 | All | All | All |
| Application | Adobe | Flash Player | 8.0.34.0 | All | All | All |
| Application | Adobe | Flash Player | 8.0.35.0 | All | All | All |
| Application | Adobe | Flash Player | 8.0.39.0 | All | All | All |
| Application | Adobe | Flash Player | 8.0.42.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.112.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.114.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.115.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.124.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.125.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.151.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.152.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.159.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.16 | All | All | All |
| Application | Adobe | Flash Player | 9.0.18d60 | All | All | All |
| Application | Adobe | Flash Player | 9.0.20 | All | All | All |
| Application | Adobe | Flash Player | 9.0.20.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.246.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.260.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.28 | All | All | All |
| Application | Adobe | Flash Player | 9.0.28.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.31 | All | All | All |
| Application | Adobe | Flash Player | 9.0.31.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.45.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.47.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.48.0 | All | All | All |
| Application | Adobe | Flash Player | 9.125.0 | All | All | All |
| Application | Adobe | Flash Player | 10.0.0.584 | All | All | All |
| Application | Adobe | Flash Player | 10.0.12.10 | All | All | All |
| Application | Adobe | Flash Player | 10.0.12.36 | All | All | All |
| Application | Adobe | Flash Player | 10.0.15.3 | All | All | All |
| Application | Adobe | Flash Player | 10.0.22.87 | All | All | All |
| Application | Adobe | Flash Player | 10.0.32.18 | All | All | All |
| Application | Adobe | Flash Player | 10.0.42.34 | All | All | All |
| Application | Adobe | Flash Player | 10.0.45.2 | All | All | All |
| Application | Adobe | Flash Player | 10.1.52.14.1 | All | All | All |
| Application | Adobe | Flash Player | 10.1.52.15 | All | All | All |
| Application | Adobe | Flash Player | 10.1.53.64 | All | All | All |
| Application | Adobe | Flash Player | 10.1.82.76 | All | All | All |
| Application | Adobe | Flash Player | 10.1.85.3 | All | All | All |
| Application | Adobe | Flash Player | 10.1.92.10 | All | All | All |
| Application | Adobe | Flash Player | 10.1.92.8 | All | All | All |
| Application | Adobe | Flash Player | 6.0.21.0 | All | All | All |
| Application | Adobe | Flash Player | 6.0.79 | All | All | All |
| Application | Adobe | Flash Player | 7.0 | All | All | All |
| Application | Adobe | Flash Player | 7.0.1 | All | All | All |
| Application | Adobe | Flash Player | 7.0.25 | All | All | All |
| Application | Adobe | Flash Player | 7.0.63 | All | All | All |
| Application | Adobe | Flash Player | 7.0.69.0 | All | All | All |
| Application | Adobe | Flash Player | 7.0.70.0 | All | All | All |
| Application | Adobe | Flash Player | 7.1 | All | All | All |
| Application | Adobe | Flash Player | 7.1.1 | All | All | All |
| Application | Adobe | Flash Player | 7.2 | All | All | All |
| Application | Adobe | Flash Player | 8.0 | All | All | All |
| Application | Adobe | Flash Player | 8.0.22.0 | All | All | All |
| Application | Adobe | Flash Player | 8.0.24.0 | All | All | All |
| Application | Adobe | Flash Player | 8.0.33.0 | All | All | All |
| Application | Adobe | Flash Player | 8.0.34.0 | All | All | All |
| Application | Adobe | Flash Player | 8.0.35.0 | All | All | All |
| Application | Adobe | Flash Player | 8.0.39.0 | All | All | All |
| Application | Adobe | Flash Player | 8.0.42.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.112.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.114.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.115.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.124.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.125.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.151.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.152.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.159.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.16 | All | All | All |
| Application | Adobe | Flash Player | 9.0.18d60 | All | All | All |
| Application | Adobe | Flash Player | 9.0.20 | All | All | All |
| Application | Adobe | Flash Player | 9.0.20.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.246.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.260.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.28 | All | All | All |
| Application | Adobe | Flash Player | 9.0.28.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.31 | All | All | All |
| Application | Adobe | Flash Player | 9.0.31.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.45.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.47.0 | All | All | All |
| Application | Adobe | Flash Player | 9.0.48.0 | All | All | All |
| Application | Adobe | Flash Player | 9.125.0 | All | All | All |
| Application | Adobe | Flash Player | All | All | All | All |
| Application | Adobe | Flash Player | All | All | All | All |
| Operating System | Apple | Mac Os X | All | All | All | All |
| Operating System | Apple | Mac Os X | All | All | All | All |
| Operating System | Android | All | All | All | All | |
| Operating System | Android | All | All | All | All | |
| Operating System | Linux | Linux Kernel | All | All | All | All |
| Operating System | Linux | Linux Kernel | All | All | All | All |
| Application | Macromedia | Flash Player | 5.0 | All | All | All |
| Application | Macromedia | Flash Player | 5.0_r50 | All | All | All |
| Application | Macromedia | Flash Player | 6.0 | All | All | All |
| Application | Macromedia | Flash Player | 6.0.29.0 | All | All | All |
| Application | Macromedia | Flash Player | 6.0.40.0 | All | All | All |
| Application | Macromedia | Flash Player | 6.0.47.0 | All | All | All |
| Application | Macromedia | Flash Player | 6.0.65.0 | All | All | All |
| Application | Macromedia | Flash Player | 6.0.79.0 | All | All | All |
| Application | Macromedia | Flash Player | 5.0 | All | All | All |
| Application | Macromedia | Flash Player | 5.0_r50 | All | All | All |
| Application | Macromedia | Flash Player | 6.0 | All | All | All |
| Application | Macromedia | Flash Player | 6.0.29.0 | All | All | All |
| Application | Macromedia | Flash Player | 6.0.40.0 | All | All | All |
| Application | Macromedia | Flash Player | 6.0.47.0 | All | All | All |
| Application | Macromedia | Flash Player | 6.0.65.0 | All | All | All |
| Application | Macromedia | Flash Player | 6.0.79.0 | All | All | All |
| Operating System | Microsoft | Windows | All | All | All | All |
| Operating System | Microsoft | Windows | All | All | All | All |
| Operating System | Oracle | Solaris | All | All | All | All |
| Operating System | Oracle | Solaris | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SecurityTracker.com Archives - Adobe Flash Player Flaw Lets Remote Users Execute Arbitrary Code | SECTRACK | www.securitytracker.com | |
| Support | REDHAT | www.redhat.com | |
| contagio: CVE-2010-3654 Adobe Flash player zero day vulnerability | MISC | contagiodump.blogspot.com | Exploit |
| APPLE-SA-2010-11-10-1 Mac OS X v10.6.5 and Security Update 2010-007 | APPLE | lists.apple.com | |
| Oracle Solaris Adobe Flash Player Multiple Vulnerabilities - Advisories - Community | SECUNIA | secunia.com | |
| Adobe Flash Player Multiple Vulnerabilities - Advisories - Community | SECUNIA | secunia.com | Vendor Advisory |
| Gentoo update for adobe-flash - Advisories - Community | SECUNIA | secunia.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| Gentoo Linux Documentation -- Adobe Reader: Multiple vulnerabilities | GENTOO | security.gentoo.org | |
| Adobe - Security Bulletins: APSB10-26 - Security update available for Adobe Flash Player | CONFIRM | www.adobe.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| US-CERT Vulnerability Note VU#298081 | CERT-VN | www.kb.cert.org | US Government Resource |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| SecurityTracker.com Archives - Adobe Reader and Acrobat Flaw in 'authplay.dll' Lets Remote Users Execute Arbitrary Code | SECTRACK | www.securitytracker.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| Support | REDHAT | www.redhat.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| Support | REDHAT | www.redhat.com | |
| Adobe - Security Bulletins: APSB10-28 - Security updates available for Adobe Reader and Acrobat | CONFIRM | www.adobe.com | |
| [security-announce] SUSE Security Announcement: flash-player (SUSE-SA:20 | SUSE | lists.opensuse.org | |
| Red Hat update for flash-plugin - Advisories - Community | SECUNIA | secunia.com | |
| Gentoo update for acroread - Advisories - Community | SECUNIA | secunia.com | |
| 404 Not Found | TURBO | www.turbolinux.co.jp | |
| Adobe Acrobat, Reader, and Flash CVE-2010-3654 Remote Code Execution Vulnerability | BID | www.securityfocus.com | |
| Red Hat update for acroread - Secunia.com | SECUNIA | secunia.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| [security-announce] SUSE Security Announcement: acoread (SUSE-SA:2010:05 | SUSE | lists.opensuse.org | |
| Support | REDHAT | www.redhat.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| Adobe Reader / Acrobat authplay.dll Multiple Vulnerabilities - Advisories - Community | SECUNIA | secunia.com | |
| Adobe Flash Player < 10.1.53 .64 Action Script Type Confusion Exploit (DEP+ASLR bypass) - CXSecurity.com | SREASON | securityreason.com | |
| Gentoo Linux Documentation -- Adobe Flash Player: Multiple vulnerabilities | GENTOO | security.gentoo.org | |
| Adobe - Security Advisories: APSA10-05 - Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat | CONFIRM | www.adobe.com | Vendor Advisory |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| About the security content of Mac OS X v10.6.5 and Security Update 2010-007 | CONFIRM | support.apple.com | |
| Security | CONFIRM | blogs.sun.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.