Use-after-free Vulnerability in Adobe Flash Player by Adobe Systems
CVE-2010-0378

8.8HIGH

Key Information:

Vendor
Adobe
Status
Flash Player
Windows Xp
Vendor
CVE Published:
21 January 2010

Summary

A use-after-free vulnerability in Adobe Flash Player allows remote attackers to execute arbitrary code on affected installations. This occurs when a Flash object is unloaded while still in use by a script, leading to memory corruption. This vulnerability highlights significant security risks present in older software versions, especially when dealing with untrusted content. To mitigate risks, it is essential to ensure that your systems are updated and security best practices are followed.

References

https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://securitytracker.com/id?1023435
vdb-entryx_refsource_SECTRACK
http://www.kb.cert.org/vuls/id/204889
third-party-advisoryx_refsource_CERT-VN

EPSS Score

9% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.