admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2010/CVE-2010-21xx/CVE-2010-2179.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

566 lines
15 KiB
JSON
Raw Blame History

{
"id": "CVE-2010-2179",
"sourceIdentifier": "psirt@adobe.com",
"published": "2010-06-15T18:00:01.717",
"lastModified": "2024-11-21T01:16:05.860",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Adobe Flash Player anterior a v9.0.277.0 y v10.x anterior a v10.1.53.64, y Adobe Air anterior a v2.0.2.12610, cuando se usa FireFox o Chrome permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n a trav\u00e9s de vectores no especificados relacionados con el parseo de URLs."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"baseScore": 4.3,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.0.277.0",
"matchCriteriaId": "20C3001C-53F0-4C18-9CC8-89BDF8C6087D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0.0.0",
"versionEndExcluding": "10.1.53.64",
"matchCriteriaId": "F116B4ED-9BC6-4750-B87F-4E5FF2B2B1F3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39B565E1-C2F1-44FC-A517-E3130332B17C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97D4FFCF-5309-43B6-9FD5-680C6D535A7F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.2.12610",
"matchCriteriaId": "A520EA13-9274-4E10-84B5-1F1FD9E5CE86"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39B565E1-C2F1-44FC-A517-E3130332B17C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97D4FFCF-5309-43B6-9FD5-680C6D535A7F"
}
]
}
]
}
],
"references": [
{
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751",
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751",
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html",
"source": "psirt@adobe.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html",
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html",
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/40144",
"source": "psirt@adobe.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/40545",
"source": "psirt@adobe.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/43026",
"source": "psirt@adobe.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://security.gentoo.org/glsa/glsa-201101-09.xml",
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://securitytracker.com/id?1024085",
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://securitytracker.com/id?1024086",
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"VDB Entry"
]
},
{
"url": "http://support.apple.com/kb/HT4435",
"source": "psirt@adobe.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html",
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory",
"Vendor Advisory"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2010-0464.html",
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2010-0470.html",
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/40759",
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/bid/40808",
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"VDB Entry"
]
},
{
"url": "http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt",
"source": "psirt@adobe.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA10-162A.html",
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "http://www.vupen.com/english/advisories/2010/1421",
"source": "psirt@adobe.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.vupen.com/english/advisories/2010/1432",
"source": "psirt@adobe.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.vupen.com/english/advisories/2010/1434",
"source": "psirt@adobe.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.vupen.com/english/advisories/2010/1453",
"source": "psirt@adobe.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.vupen.com/english/advisories/2010/1482",
"source": "psirt@adobe.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.vupen.com/english/advisories/2010/1522",
"source": "psirt@adobe.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.vupen.com/english/advisories/2010/1793",
"source": "psirt@adobe.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.vupen.com/english/advisories/2011/0192",
"source": "psirt@adobe.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59328",
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7126",
"source": "psirt@adobe.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/40144",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/40545",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/43026",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://security.gentoo.org/glsa/glsa-201101-09.xml",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://securitytracker.com/id?1024085",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://securitytracker.com/id?1024086",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"VDB Entry"
]
},
{
"url": "http://support.apple.com/kb/HT4435",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory",
"Vendor Advisory"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2010-0464.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2010-0470.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/40759",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/bid/40808",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"VDB Entry"
]
},
{
"url": "http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA10-162A.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "http://www.vupen.com/english/advisories/2010/1421",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.vupen.com/english/advisories/2010/1432",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.vupen.com/english/advisories/2010/1434",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.vupen.com/english/advisories/2010/1453",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.vupen.com/english/advisories/2010/1482",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.vupen.com/english/advisories/2010/1522",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.vupen.com/english/advisories/2010/1793",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.vupen.com/english/advisories/2011/0192",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59328",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7126",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
]
}
],
"evaluatorSolution": "Per: http://www.adobe.com/support/security/bulletins/apsb10-14.html\r\n\r\n'This update resolves a URL parsing vulnerability that could lead to cross-site scripting (Firefox and Chrome browsers only) (CVE-2010-2179).'",
"evaluatorImpact": "Per: http://www.adobe.com/support/security/bulletins/apsb10-14.html\r\n\r\n'Affected software versions\r\n\r\nAdobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris\r\n\r\nAdobe AIR 1.5.3.9130 and earlier versions for Windows, Macintosh and Linux'\r\n"
}
Reference in New Issue View Git Blame Copy Permalink