ID

VAR-201011-0229


CVE

CVE-2010-3636


TITLE

Flash Player access restriction bypass vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2010-000054

DESCRIPTION

Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, does not properly handle unspecified encodings during the parsing of a cross-domain policy file, which allows remote web servers to bypass intended access restrictions via unknown vectors. Flash Player contains an access restriction bypass vulnerability. When Flash Player references a different website than the site where Flash contents are hosted, the referenced site must be allowed access by the cross-domain policy file. Flash Player contains a vulnerability where access restrictions set by the cross-domain policy file may be bypassed.Cross-domain policy restrictions can be bypassed by using a specially crafted web page. This could result in unauthorized access to website data. An attacker can exploit this issue to bypass certain policy restrictions, which may aid in further attacks. NOTE: This issue was previously discussed in BID 44669 (Adobe Flash Player APSB10-26 Multiple Remote Vulnerabilities), but has been given its own record to better document it. Adobe Flash Player is a cross-platform, browser-based application that renders expressive applications, content, and video natively across screens and browsers. Remote web servers can bypass preset access restrictions with the help of unknown vectors. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02738731 Version: 1 HPSBMA02663 SSRT100428 rev.1 - HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows, Remote Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Execution of Arbitrary Code, Denial of Service (DoS) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2011-04-19 Last Updated: 2011-04-19 Potential Security Impact: Remote cross site scripting (XSS), cross site request forgery (CSRF), execution of arbitrary code, Denial of Service (DoS) Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows. The vulnerabilities could be exploited remotely resulting in cross site scripting (XSS), cross site request forgery (CSRF), execution of arbitrary code, and Denial of Service (DoS). HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows prior to v6.3 BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2010-3636 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3637 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3638 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2010-3639 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3640 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3641 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3642 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3643 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3644 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3645 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3646 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3647 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3648 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3649 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3650 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3652 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2010-3976 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2011-1542 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2011-1543 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided HP SIM v6.3 or subsequent to resolve the vulnerabilities. HP SIM v6.3 for HP-UX, Linux, and Windows HP SIM v6.3 for HP-UX, Linux, and Windows is available here: http://h18013.www1.hp.com/products/servers/management/hpsim/ HP SIM v6.3 for Windows on Insight Software DVD In addition for Windows HP SIM v6.3 is available on DVD images. These are available for download here. http://h18013.www1.hp.com/products/servers/management/fpdownload.html MANUAL ACTIONS: Yes - NonUpdate For HP-UX, install HP SIM v6.3 or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.23 HP-UX B.11.31 ============= SysMgmtServer.MX-CMS SysMgmtServer.MX-CORE SysMgmtServer.MX-CORE-ARCH SysMgmtServer.MX-CORE-ARCH SysMgmtServer.MX-PORTAL SysMgmtServer.MX-REPO SysMgmtServer.MX-TOOLS action: install HP SIM v6.3 or subsequent END AFFECTED VERSIONS HISTORY Version: 1 (rev.1) - 19 April 2011 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For further information, contact normal HP Services support channel. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save. To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections. To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do * The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title: GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. "HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement." Copyright 2011 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk2t3CsACgkQ4B86/C0qfVnGsACfUBtF4ovPqqT+9fmlstfGZOEg Ys0AoM8ROq3gELhOLCPEYCca+qCkf+pn =x5Sc -----END PGP SIGNATURE----- . Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. For further information please consult the CVE entries and the Adobe Security Bulletins referenced below. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest stable version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-plugins/adobe-flash-10.1.102.64" References ========== [ 1 ] APSB10-06 http://www.adobe.com/support/security/bulletins/apsb10-06.html [ 2 ] APSB10-14 http://www.adobe.com/support/security/bulletins/apsb10-14.html [ 3 ] APSB10-16 http://www.adobe.com/support/security/bulletins/apsb10-16.html [ 4 ] APSB10-22 http://www.adobe.com/support/security/bulletins/apsb10-22.html [ 5 ] APSB10-26 http://www.adobe.com/support/security/bulletins/apsb10-26.html [ 6 ] CVE-2008-4546 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4546 [ 7 ] CVE-2009-3793 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3793 [ 8 ] CVE-2010-0186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0186 [ 9 ] CVE-2010-0187 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0187 [ 10 ] CVE-2010-0209 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0209 [ 11 ] CVE-2010-1297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1297 [ 12 ] CVE-2010-2160 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2160 [ 13 ] CVE-2010-2161 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2161 [ 14 ] CVE-2010-2162 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2162 [ 15 ] CVE-2010-2163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2163 [ 16 ] CVE-2010-2164 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2164 [ 17 ] CVE-2010-2165 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2165 [ 18 ] CVE-2010-2166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2166 [ 19 ] CVE-2010-2167 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2167 [ 20 ] CVE-2010-2169 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2169 [ 21 ] CVE-2010-2170 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2170 [ 22 ] CVE-2010-2171 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2171 [ 23 ] CVE-2010-2172 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2172 [ 24 ] CVE-2010-2173 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2173 [ 25 ] CVE-2010-2174 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2174 [ 26 ] CVE-2010-2175 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2175 [ 27 ] CVE-2010-2176 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2176 [ 28 ] CVE-2010-2177 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2177 [ 29 ] CVE-2010-2178 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2178 [ 30 ] CVE-2010-2179 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2179 [ 31 ] CVE-2010-2180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2180 [ 32 ] CVE-2010-2181 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2181 [ 33 ] CVE-2010-2182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2182 [ 34 ] CVE-2010-2183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2183 [ 35 ] CVE-2010-2184 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2184 [ 36 ] CVE-2010-2185 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2185 [ 37 ] CVE-2010-2186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2186 [ 38 ] CVE-2010-2187 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2187 [ 39 ] CVE-2010-2188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2188 [ 40 ] CVE-2010-2189 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2189 [ 41 ] CVE-2010-2213 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2213 [ 42 ] CVE-2010-2214 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2214 [ 43 ] CVE-2010-2215 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2215 [ 44 ] CVE-2010-2216 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2216 [ 45 ] CVE-2010-2884 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 [ 46 ] CVE-2010-3636 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3636 [ 47 ] CVE-2010-3639 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3639 [ 48 ] CVE-2010-3640 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3640 [ 49 ] CVE-2010-3641 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3641 [ 50 ] CVE-2010-3642 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3642 [ 51 ] CVE-2010-3643 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3643 [ 52 ] CVE-2010-3644 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3644 [ 53 ] CVE-2010-3645 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3645 [ 54 ] CVE-2010-3646 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3646 [ 55 ] CVE-2010-3647 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3647 [ 56 ] CVE-2010-3648 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3648 [ 57 ] CVE-2010-3649 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3649 [ 58 ] CVE-2010-3650 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3650 [ 59 ] CVE-2010-3652 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3652 [ 60 ] CVE-2010-3654 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3654 [ 61 ] CVE-2010-3976 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3976 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201101-09.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . For more information: SA38547 SA40026 SA40907 SA41434 SA41917 SOLUTION: Update to version "www-plugins/adobe-flash-10.1.102.64" or later. ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM) Beta. Join the beta: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for flash-plugin SECUNIA ADVISORY ID: SA42183 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42183/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42183 RELEASE DATE: 2010-11-09 DISCUSS ADVISORY: http://secunia.com/advisories/42183/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42183/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42183 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or compromise a user's system. For more information: SA41917 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2010:0829-1: https://rhn.redhat.com/errata/RHSA-2010-0829.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.52

sources: NVD: CVE-2010-3636 // JVNDB: JVNDB-2010-000054 // BID: 44691 // VULHUB: VHN-46241 // VULMON: CVE-2010-3636 // PACKETSTORM: 100630 // PACKETSTORM: 97654 // PACKETSTORM: 97735 // PACKETSTORM: 97788 // PACKETSTORM: 95657

AFFECTED PRODUCTS

vendor:adobemodel:flash playerscope:gteversion:9.0

Trust: 1.0

vendor:adobemodel:flash playerscope:lteversion:10.1.95.1

Trust: 1.0

vendor:adobemodel:flash playerscope:gteversion:10.0

Trust: 1.0

vendor:adobemodel:flash playerscope:ltversion:9.0.289.0

Trust: 1.0

vendor:adobemodel:flash playerscope:ltversion:10.1.102.64

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:10.1.95.1

Trust: 0.9

vendor:adobemodel:flash playerscope:eqversion:10.1.95.2

Trust: 0.9

vendor:adobemodel:flash playerscope:eqversion:10.1.53.64

Trust: 0.9

vendor:adobemodel:flash playerscope:eqversion:10.1.85.3

Trust: 0.9

vendor:adobemodel:flash playerscope:eqversion:10.1.82.76

Trust: 0.9

vendor:adobemodel:flash playerscope:lteversion:10.1.85.3 for windows, macintosh, linux, and solaris

Trust: 0.8

vendor:adobemodel:flash playerscope:eqversion:10.1.95.1 for android

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.5.8

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.6 through v10.6.4

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.5.8

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.6 through v10.6.4

Trust: 0.8

vendor:oraclemodel:solarisscope:eqversion:10

Trust: 0.8

vendor:oraclemodel:solarisscope:eqversion:11 express

Trust: 0.8

vendor:red hatmodel:enterprise linux extrasscope:eqversion:4 extras

Trust: 0.8

vendor:red hatmodel:enterprise linux extrasscope:eqversion:4.8.z extras

Trust: 0.8

vendor:red hatmodel:enterprise linux server supplementaryscope:eqversion:6

Trust: 0.8

vendor:red hatmodel:enterprise linux workstation supplementaryscope:eqversion:6

Trust: 0.8

vendor:red hatmodel:rhel desktop supplementaryscope:eqversion:5 (client)

Trust: 0.8

vendor:red hatmodel:rhel desktop supplementaryscope:eqversion:6

Trust: 0.8

vendor:red hatmodel:rhel supplementaryscope:eqversion:5 (server)

Trust: 0.8

vendor:adobemodel:flash playerscope:eqversion:10.1.92.8

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:10.1.52.14.1

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:10.1.52.15

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:10.0.45.2

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:9.0.246.0

Trust: 0.3

vendor:adobemodel:airscope:neversion:2.5.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.12.35

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.115.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.280

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.6

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.51.66

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.2

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.0.2

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.2460

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.4

Trust: 0.3

vendor:redhatmodel:desktop extrasscope:eqversion:4

Trust: 0.3

vendor:hpmodel:systems insight managerscope:eqversion:6.1

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.0.2.12610

Trust: 0.3

vendor:hpmodel:systems insight managerscope:eqversion:6.0.0.96

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6

Trust: 0.3

vendor:redmodel:hat enterprise linux supplementary serverscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux extrasscope:eqversion:4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.1

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.0.4

Trust: 0.3

vendor:sunmodel:solaris expressscope:eqversion:11

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.262

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.8

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.5

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.28.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.260.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.32.18

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.277.0

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.12.36

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.01

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.3218

Trust: 0.3

vendor:susemodel:linux enterprise desktopscope:eqversion:11

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.1

Trust: 0.3

vendor:redhatmodel:enterprise linux es extrasscope:eqversion:4

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.3.9130

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.6

Trust: 0.3

vendor:hpmodel:systems insight managerscope:neversion:6.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.3

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.5.3.9120

Trust: 0.3

vendor:sunmodel:solaris 10 sparcscope: - version: -

Trust: 0.3

vendor:applemodel:mac os serverscope:neversion:x10.6.5

Trust: 0.3

vendor:adobemodel:flash playerscope:neversion:9.0.289.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.124.0

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.152.0

Trust: 0.3

vendor:hpmodel:systems insight managerscope:eqversion:6.0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5

Trust: 0.3

vendor:adobemodel:flash playerscope:neversion:10.1.105.6

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.2

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.22.87

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.7

Trust: 0.3

vendor:sunmodel:solarisscope:eqversion:11

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.452

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.0.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.159.0

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.4

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.151.0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6

Trust: 0.3

vendor:adobemodel:airscope:eqversion:1.0

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp1scope:eqversion:11

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.15.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9

Trust: 0.3

vendor:adobemodel:flash playerscope:neversion:10.1.102.64

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.31.0

Trust: 0.3

vendor:sunmodel:solaris 10 x86scope: - version: -

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10

Trust: 0.3

vendor:redmodel:hat enterprise linux desktop supplementary clientscope:eqversion:5

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.47.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.45.0

Trust: 0.3

vendor:redhatmodel:enterprise linux ws extrasscope:eqversion:4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.5

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.42.34

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.5.8

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.2

Trust: 0.3

vendor:hpmodel:systems insight managerscope:eqversion:6.2

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.48.0

Trust: 0.3

vendor:redhatmodel:enterprise linux as extrasscope:eqversion:4

Trust: 0.3

vendor:adobemodel:flash player release candidascope:eqversion:10.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.5.2

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.92.10

Trust: 0.3

vendor:susemodel:opensusescope:eqversion:11.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.3

Trust: 0.3

sources: BID: 44691 // JVNDB: JVNDB-2010-000054 // CNNVD: CNNVD-201011-090 // NVD: CVE-2010-3636

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-3636
value: HIGH

Trust: 1.0

IPA: JVNDB-2010-000054
value: LOW

Trust: 0.8

CNNVD: CNNVD-201011-090
value: CRITICAL

Trust: 0.6

VULHUB: VHN-46241
value: HIGH

Trust: 0.1

VULMON: CVE-2010-3636
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2010-3636
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

IPA: JVNDB-2010-000054
severity: LOW
baseScore: 2.6
vectorString: AV:N/AC:H/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-46241
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-46241 // VULMON: CVE-2010-3636 // JVNDB: JVNDB-2010-000054 // CNNVD: CNNVD-201011-090 // NVD: CVE-2010-3636

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-46241 // JVNDB: JVNDB-2010-000054 // NVD: CVE-2010-3636

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 97735 // CNNVD: CNNVD-201011-090

TYPE

permissions and access control issues

Trust: 0.6

sources: CNNVD: CNNVD-201011-090

CONFIGURATIONS

sources: JVNDB: JVNDB-2010-000054

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-46241

PATCH

title:APSB10-26url:http://www.adobe.com/support/security/bulletins/apsb10-26.html

Trust: 0.8

title:HT4435url:http://support.apple.com/kb/HT4435

Trust: 0.8

title:RHSA-2010:0829url:http://rhn.redhat.com/errata/RHSA-2010-0829.html

Trust: 0.8

title:RHSA-2010:0834url:http://rhn.redhat.com/errata/RHSA-2010-0834.html

Trust: 0.8

title:RHSA-2010:0867url:https://rhn.redhat.com/errata/RHSA-2010-0867.html

Trust: 0.8

title:multiple_vulnerabilities_in_adobe_flash1url:http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1

Trust: 0.8

title:flash-player-10.1.10 2.64-0.1.1.i586url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=35063

Trust: 0.6

title:MacOSXUpdCombo10.6.5url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=35062

Trust: 0.6

title:install_flash_player_10.1.102.64url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=35061

Trust: 0.6

sources: JVNDB: JVNDB-2010-000054 // CNNVD: CNNVD-201011-090

EXTERNAL IDS

db:NVDid:CVE-2010-3636

Trust: 3.1

db:BIDid:44691

Trust: 2.9

db:SECUNIAid:42183

Trust: 2.7

db:VUPENid:ADV-2010-2918

Trust: 2.6

db:VUPENid:ADV-2010-2906

Trust: 2.6

db:VUPENid:ADV-2010-2903

Trust: 2.6

db:JVNid:JVN48425028

Trust: 2.6

db:JVNDBid:JVNDB-2010-000054

Trust: 2.6

db:SECUNIAid:42926

Trust: 1.9

db:SECUNIAid:43026

Trust: 1.9

db:VUPENid:ADV-2011-0173

Trust: 1.8

db:VUPENid:ADV-2011-0192

Trust: 1.8

db:CNNVDid:CNNVD-201011-090

Trust: 0.7

db:PACKETSTORMid:100630

Trust: 0.2

db:VULHUBid:VHN-46241

Trust: 0.1

db:VULMONid:CVE-2010-3636

Trust: 0.1

db:PACKETSTORMid:97654

Trust: 0.1

db:PACKETSTORMid:97735

Trust: 0.1

db:PACKETSTORMid:97788

Trust: 0.1

db:PACKETSTORMid:95657

Trust: 0.1

sources: VULHUB: VHN-46241 // VULMON: CVE-2010-3636 // BID: 44691 // JVNDB: JVNDB-2010-000054 // PACKETSTORM: 100630 // PACKETSTORM: 97654 // PACKETSTORM: 97735 // PACKETSTORM: 97788 // PACKETSTORM: 95657 // CNNVD: CNNVD-201011-090 // NVD: CVE-2010-3636

REFERENCES

url:http://www.securityfocus.com/bid/44691

Trust: 2.7

url:http://jvn.jp/en/jp/jvn48425028/index.html

Trust: 2.6

url:http://secunia.com/advisories/42183

Trust: 2.6

url:http://www.vupen.com/english/advisories/2010/2903

Trust: 2.6

url:http://www.vupen.com/english/advisories/2010/2906

Trust: 2.6

url:http://www.vupen.com/english/advisories/2010/2918

Trust: 2.6

url:http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1

Trust: 2.2

url:http://www.adobe.com/support/security/bulletins/apsb10-26.html

Trust: 2.2

url:http://security.gentoo.org/glsa/glsa-201101-09.xml

Trust: 1.9

url:http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html

Trust: 1.8

url:http://support.apple.com/kb/ht4435

Trust: 1.8

url:http://jvndb.jvn.jp/ja/contents/2010/jvndb-2010-000054.html

Trust: 1.8

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12142

Trust: 1.8

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a15913

Trust: 1.8

url:http://www.redhat.com/support/errata/rhsa-2010-0829.html

Trust: 1.8

url:http://www.redhat.com/support/errata/rhsa-2010-0834.html

Trust: 1.8

url:http://www.redhat.com/support/errata/rhsa-2010-0867.html

Trust: 1.8

url:http://secunia.com/advisories/42926

Trust: 1.8

url:http://secunia.com/advisories/43026

Trust: 1.8

url:http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html

Trust: 1.8

url:http://www.vupen.com/english/advisories/2011/0173

Trust: 1.8

url:http://www.vupen.com/english/advisories/2011/0192

Trust: 1.8

url:http://marc.info/?l=bugtraq&m=130331642631603&w=2

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3636

Trust: 0.9

url:http://jvn.jp/cert/jvnvu331391

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-3636

Trust: 0.8

url:http://www.adobe.com/products/flash/

Trust: 0.3

url:http://secunia.com/products/corporate/evm/

Trust: 0.3

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.3

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.3

url:http://secunia.com/products/corporate/vim/

Trust: 0.3

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.3

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.3

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.3

url:http://marc.info/?l=bugtraq&m=130331642631603&w=2

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/264.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:http://h18013.www1.hp.com/products/servers/management/fpdownload.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-3636

Trust: 0.1

url:http://www.itrc.hp.com/service/cki/secbullarchive.do

Trust: 0.1

url:http://h18013.www1.hp.com/products/servers/management/hpsim/

Trust: 0.1

url:http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na&langcode=useng&jumpid=in_sc-gen__driveritrc&topiccode=itrc

Trust: 0.1

url:https://www.hp.com/go/swa

Trust: 0.1

url:http://h30046.www3.hp.com/subsignin.php

Trust: 0.1

url:http://secunia.com/advisories/42926/#comments

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=42926

Trust: 0.1

url:http://secunia.com/advisories/42926/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2182

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3639

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2181

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2161

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0187

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2174

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3644

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2166

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2215

Trust: 0.1

url:http://www.adobe.com/support/security/bulletins/apsb10-14.html

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2176

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2171

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2162

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2160

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2181

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2008-4546

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4546

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-1297

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2163

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2180

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2171

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2180

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2176

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2164

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2179

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2169

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3648

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2164

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-0187

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2163

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-0209

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2173

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3654

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1297

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2009-3793

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2177

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3645

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2179

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2165

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2172

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3976

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2216

Trust: 0.1

url:http://www.adobe.com/support/security/bulletins/apsb10-16.html

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3647

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2173

Trust: 0.1

url:http://www.adobe.com/support/security/bulletins/apsb10-06.html

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2172

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3793

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2160

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2213

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2186

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2184

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0186

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2167

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3646

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2169

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2175

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2214

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2178

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2165

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2188

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2189

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3643

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2161

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-0186

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0209

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2166

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3641

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2185

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2174

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3650

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2183

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2178

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2170

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2177

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3652

Trust: 0.1

url:http://security.gentoo.org/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2162

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3640

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2170

Trust: 0.1

url:http://www.adobe.com/support/security/bulletins/apsb10-22.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2175

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2187

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3649

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-2167

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2182

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2884

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3642

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:http://secunia.com/advisories/43026/

Trust: 0.1

url:http://secunia.com/advisories/43026/#comments

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=43026

Trust: 0.1

url:http://www.gentoo.org/security/en/glsa/glsa-201101-09.xml

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=42183

Trust: 0.1

url:http://secunia.com/advisories/42183/#comments

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2010-0829.html

Trust: 0.1

url:http://secunia.com/advisories/42183/

Trust: 0.1

sources: VULHUB: VHN-46241 // VULMON: CVE-2010-3636 // BID: 44691 // JVNDB: JVNDB-2010-000054 // PACKETSTORM: 100630 // PACKETSTORM: 97654 // PACKETSTORM: 97735 // PACKETSTORM: 97788 // PACKETSTORM: 95657 // CNNVD: CNNVD-201011-090 // NVD: CVE-2010-3636

CREDITS

Tokuji Akamine of Symantec Consulting Services Japan

Trust: 0.9

sources: BID: 44691 // CNNVD: CNNVD-201011-090

SOURCES

db:VULHUBid:VHN-46241
db:VULMONid:CVE-2010-3636
db:BIDid:44691
db:JVNDBid:JVNDB-2010-000054
db:PACKETSTORMid:100630
db:PACKETSTORMid:97654
db:PACKETSTORMid:97735
db:PACKETSTORMid:97788
db:PACKETSTORMid:95657
db:CNNVDid:CNNVD-201011-090
db:NVDid:CVE-2010-3636

LAST UPDATE DATE

2024-08-14T12:41:59.632000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-46241date:2019-10-09T00:00:00
db:VULMONid:CVE-2010-3636date:2019-10-09T00:00:00
db:BIDid:44691date:2013-06-20T09:39:00
db:JVNDBid:JVNDB-2010-000054date:2011-02-01T00:00:00
db:CNNVDid:CNNVD-201011-090date:2019-10-17T00:00:00
db:NVDid:CVE-2010-3636date:2024-05-17T17:27:59.167

SOURCES RELEASE DATE

db:VULHUBid:VHN-46241date:2010-11-07T00:00:00
db:VULMONid:CVE-2010-3636date:2010-11-07T00:00:00
db:BIDid:44691date:2010-11-04T00:00:00
db:JVNDBid:JVNDB-2010-000054date:2010-11-09T00:00:00
db:PACKETSTORMid:100630date:2011-04-20T23:50:05
db:PACKETSTORMid:97654date:2011-01-19T04:51:35
db:PACKETSTORMid:97735date:2011-01-21T21:15:05
db:PACKETSTORMid:97788date:2011-01-24T07:05:29
db:PACKETSTORMid:95657date:2010-11-09T02:06:41
db:CNNVDid:CNNVD-201011-090date:2010-11-10T00:00:00
db:NVDid:CVE-2010-3636date:2010-11-07T22:00:01.863