1. CVE-Search
  2. CVE-2010-0378
ID CVE-2010-0378
Summary Use-after-free vulnerability in Adobe Flash Player 6.0.79, as distributed in Microsoft Windows XP SP2 and SP3, allows remote attackers to execute arbitrary code by unloading a Flash object that is currently being accessed by a script, leading to memory corruption, aka a "Movie Unloading Vulnerability."
References
Vulnerable Configurations
  • cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*
    cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:-:sp3:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:-:sp2:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 03-02-2024 - 02:21)
Impact:
Exploitability:
CWE CWE-416
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
oval via4
accepted 2015-08-03T04:02:08.213-04:00
class vulnerability
contributors
  • name Preeti Subramanian
    organization SecPod Technologies
  • name Shane Shaffer
    organization G2, Inc.
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Maria Mikhno
    organization ALTX-SOFT
  • name Maria Mikhno
    organization ALTX-SOFT
definition_extensions
  • comment Microsoft Windows XP (x86) SP2 is installed
    oval oval:org.mitre.oval:def:754
  • comment Microsoft Windows XP (x86) SP3 is installed
    oval oval:org.mitre.oval:def:5631
  • comment Microsoft Windows XP x64 Edition SP2 is installed
    oval oval:org.mitre.oval:def:4193
  • comment Adobe Flash Player is installed
    oval oval:org.mitre.oval:def:6700
  • comment ActiveX Control is installed
    oval oval:org.mitre.oval:def:26707
description Use-after-free vulnerability in Adobe Flash Player 6.0.79, as distributed in Microsoft Windows XP SP2 and SP3, allows remote attackers to execute arbitrary code by unloading a Flash object that is currently being accessed by a script, leading to memory corruption, aka a "Movie Unloading Vulnerability."
family windows
id oval:org.mitre.oval:def:7580
status accepted
submitted 2010-05-18T02:23:08
title Use-after-free vulnerability in Adobe Flash Player 6.0.79
version 74
refmap via4
cert-vn VU#204889
confirm http://www.microsoft.com/technet/security/advisory/979267.mspx
misc http://secunia.com/secunia_research/2007-77/
sectrack 1023435
secunia 27105
Last major update 03-02-2024 - 02:21
Published 21-01-2010 - 23:30
Last modified 03-02-2024 - 02:21
Back to Top