CVE-2010-0378

8.8HIGH

Key Information:

Vendor: Adobe
Status: Flash Player; Windows Xp
Vendor: CVE Published:; 21 January 2010

Summary

Use-after-free vulnerability in Adobe Flash Player 6.0.79, as distributed in Microsoft Windows XP SP2 and SP3, allows remote attackers to execute arbitrary code by unloading a Flash object that is currently being accessed by a script, leading to memory corruption, aka a "Movie Unloading Vulnerability."

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://securitytracker.com/id?1023435

vdb-entryx_refsource_SECTRACK

http://www.kb.cert.org/vuls/id/204889

third-party-advisoryx_refsource_CERT-VN

EPSS Score

12% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 21, 2010
Vulnerability Reserved
Jan 21, 2010

.