CVE-2010-2167 Information

Description

Multiple heap-based buffer overflows in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64 and Adobe AIR before 2.0.2.12610 might allow attackers to execute arbitrary code via unspecified vectors related to malformed (1) GIF or (2) JPEG data.

Reference

http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html http://secunia.com/advisories/40144 http://secunia.com/advisories/40545 http://secunia.com/advisories/43026 http://security.gentoo.org/glsa/glsa-201101-09.xml http://securitytracker.com/id?1024085 http://securitytracker.com/id?1024086 http://support.apple.com/kb/HT4435 http://www.adobe.com/support/security/bulletins/apsb10-14.html http://www.redhat.com/support/errata/RHSA-2010-0464.html http://www.redhat.com/support/errata/RHSA-2010-0470.html http://www.securityfocus.com/archive/1/511847/100/0/threaded http://www.securityfocus.com/bid/40759 http://www.securityfocus.com/bid/40802 http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt http://www.us-cert.gov/cas/techalerts/TA10-162A.html http://www.vupen.com/english/advisories/2010/1421 http://www.vupen.com/english/advisories/2010/1432 http://www.vupen.com/english/advisories/2010/1434 http://www.vupen.com/english/advisories/2010/1453 http://www.vupen.com/english/advisories/2010/1482 http://www.vupen.com/english/advisories/2010/1522 http://www.vupen.com/english/advisories/2010/1793 http://www.vupen.com/english/advisories/2011/0192 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A15437 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A7491