Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N
Vendors Products
Adobe
  • Air
  • Flash Player
Google
  • Chrome
Mozilla
  • Firefox

Configuration 1 [-]

AND
OR cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
OR cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*
OR cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*
References
Link Resource
http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 Third Party Advisory
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html Third Party Advisory
http://secunia.com/advisories/40144 Broken Link
http://secunia.com/advisories/40545 Broken Link
http://secunia.com/advisories/43026 Broken Link
http://security.gentoo.org/glsa/glsa-201101-09.xml Third Party Advisory
http://securitytracker.com/id?1024085 Third Party Advisory VDB Entry
http://securitytracker.com/id?1024086 Broken Link VDB Entry
http://support.apple.com/kb/HT4435 Broken Link
http://www.adobe.com/support/security/bulletins/apsb10-14.html Broken Link Patch Third Party Advisory Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2010-0464.html Broken Link Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0470.html Broken Link Third Party Advisory
http://www.securityfocus.com/bid/40759 Broken Link VDB Entry
http://www.securityfocus.com/bid/40808 Broken Link VDB Entry
http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt Broken Link
http://www.us-cert.gov/cas/techalerts/TA10-162A.html Third Party Advisory US Government Resource
http://www.vupen.com/english/advisories/2010/1421 Broken Link
http://www.vupen.com/english/advisories/2010/1432 Broken Link
http://www.vupen.com/english/advisories/2010/1434 Broken Link
http://www.vupen.com/english/advisories/2010/1453 Broken Link
http://www.vupen.com/english/advisories/2010/1482 Broken Link
http://www.vupen.com/english/advisories/2010/1522 Broken Link
http://www.vupen.com/english/advisories/2010/1793 Broken Link
http://www.vupen.com/english/advisories/2011/0192 Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/59328 Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7126 Broken Link
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: adobe

Published: 2010-06-15T17:48:00

Updated: 2017-09-18T12:57:01

Reserved: 2010-06-07T00:00:00

Link: CVE-2010-2179

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2010-06-15T18:00:01.717

Modified: 2022-09-15T13:29:29.317

Link: CVE-2010-2179

JSON object: View

cve-icon Redhat Information

No data.

CWE