Launchpad CVE tracker

CVE 2010-1297

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.

Related bugs and status

CVE-2010-1297 (Candidate) is related to these bugs:

Bug #314637: debian/{config,postinst} are both broken for dpkg-reconfigure

		In	Importance	Status
314637	debian/{config,postinst} are both broken for dpkg-reconfigure	flashplugin-nonfree (Ubuntu)	Undecided	Fix Released
314637	debian/{config,postinst} are both broken for dpkg-reconfigure	flashplugin-nonfree (Ubuntu Jaunty)	Undecided	Fix Released
314637	debian/{config,postinst} are both broken for dpkg-reconfigure	flashplugin-nonfree (Ubuntu Karmic)	Undecided	Fix Released
314637	debian/{config,postinst} are both broken for dpkg-reconfigure	flashplugin-nonfree (Ubuntu Lucid)	Undecided	Fix Released
314637	debian/{config,postinst} are both broken for dpkg-reconfigure	flashplugin-nonfree (Ubuntu Maverick)	Undecided	Fix Released

Bug #591001: CVE-2010-1297: Security Advisory for Flash Player, Adobe Reader and Acrobat

		In	Importance	Status
591001	CVE-2010-1297: Security Advisory for Flash Player, Adobe Reader and Acrobat	acroread (Ubuntu)	High	Fix Released
591001	CVE-2010-1297: Security Advisory for Flash Player, Adobe Reader and Acrobat	adobe-flashplugin (Ubuntu)	High	Fix Released
591001	CVE-2010-1297: Security Advisory for Flash Player, Adobe Reader and Acrobat	flashplugin-nonfree (Ubuntu)	High	Fix Released

Bug #616167: New upstream security releases 10.1.82.76 and 9.0.280

Summary				In	Importance	Status
	616167	New upstream security releases 10.1.82.76 and 9.0.280		flashplugin-nonfree (Ubuntu)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.adobe.com/s...
BID: 40586
OSVDB: 65141
SECTRACK: 1024057
SECTRACK: 1024058
SECUNIA: 40026
SECUNIA: 40034
VUPEN: ADV-2010-1348
VUPEN: ADV-2010-1349
EXPLOIT-DB: 13787
CONFIRM: http://www.adobe.com/s...
BID: 40759
SECTRACK: 1024085
SECTRACK: 1024086
REDHAT: RHSA-2010:0464
REDHAT: RHSA-2010:0470
CERT: TA10-162A
VUPEN: ADV-2010-1453
SUSE: SUSE-SA:2010:024
SUSE: SUSE-SR:2010:013
SECUNIA: 40144
VUPEN: ADV-2010-1421
VUPEN: ADV-2010-1432
VUPEN: ADV-2010-1434
VUPEN: ADV-2010-1482
TURBO: TLSA-2010-19
VUPEN: ADV-2010-1522
MISC: http://blog.zynamics.c...
MISC: http://community.webse...
CERT: TA10-159A
CERT-VN: VU#486225
CONFIRM: http://www.adobe.com/s...
HP: HPSBMA02547
HP: SSRT100179
SECUNIA: 40545
VUPEN: ADV-2010-1793
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2010-11-10-1
GENTOO: GLSA-201101-09
SECUNIA: 43026
VUPEN: ADV-2011-0192
VUPEN: ADV-2010-1636
XF: adobe-authplay-code-ex...
OVAL: oval:org.mitre.oval:de...

Launchpad.net

CVE 2010-1297

Related bugs and status

Related bugs

References