cve-2010-2179
Vulnerability from cvelistv5
Published
2010-06-15 17:48
Modified
2024-08-07 02:25
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing.
References
psirt@adobe.comhttp://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751Third Party Advisory
psirt@adobe.comhttp://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751Third Party Advisory
psirt@adobe.comhttp://lists.apple.com/archives/security-announce/2010//Nov/msg00000.htmlMailing List, Third Party Advisory
psirt@adobe.comhttp://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.htmlThird Party Advisory
psirt@adobe.comhttp://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.htmlThird Party Advisory
psirt@adobe.comhttp://secunia.com/advisories/40144Broken Link
psirt@adobe.comhttp://secunia.com/advisories/40545Broken Link
psirt@adobe.comhttp://secunia.com/advisories/43026Broken Link
psirt@adobe.comhttp://security.gentoo.org/glsa/glsa-201101-09.xmlThird Party Advisory
psirt@adobe.comhttp://securitytracker.com/id?1024085Third Party Advisory, VDB Entry
psirt@adobe.comhttp://securitytracker.com/id?1024086Broken Link, VDB Entry
psirt@adobe.comhttp://support.apple.com/kb/HT4435Broken Link
psirt@adobe.comhttp://www.adobe.com/support/security/bulletins/apsb10-14.htmlBroken Link, Patch, Third Party Advisory, Vendor Advisory
psirt@adobe.comhttp://www.redhat.com/support/errata/RHSA-2010-0464.htmlBroken Link, Third Party Advisory
psirt@adobe.comhttp://www.redhat.com/support/errata/RHSA-2010-0470.htmlBroken Link, Third Party Advisory
psirt@adobe.comhttp://www.securityfocus.com/bid/40759Broken Link, VDB Entry
psirt@adobe.comhttp://www.securityfocus.com/bid/40808Broken Link, VDB Entry
psirt@adobe.comhttp://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txtBroken Link
psirt@adobe.comhttp://www.us-cert.gov/cas/techalerts/TA10-162A.htmlThird Party Advisory, US Government Resource
psirt@adobe.comhttp://www.vupen.com/english/advisories/2010/1421Broken Link
psirt@adobe.comhttp://www.vupen.com/english/advisories/2010/1432Broken Link
psirt@adobe.comhttp://www.vupen.com/english/advisories/2010/1434Broken Link
psirt@adobe.comhttp://www.vupen.com/english/advisories/2010/1453Broken Link
psirt@adobe.comhttp://www.vupen.com/english/advisories/2010/1482Broken Link
psirt@adobe.comhttp://www.vupen.com/english/advisories/2010/1522Broken Link
psirt@adobe.comhttp://www.vupen.com/english/advisories/2010/1793Broken Link
psirt@adobe.comhttp://www.vupen.com/english/advisories/2011/0192Broken Link
psirt@adobe.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/59328Third Party Advisory, VDB Entry
psirt@adobe.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7126Broken Link
af854a3a-2127-422b-91ae-364da2661108http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/40144Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/40545Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43026Broken Link
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-201101-09.xmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1024085Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1024086Broken Link, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT4435Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.adobe.com/support/security/bulletins/apsb10-14.htmlBroken Link, Patch, Third Party Advisory, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2010-0464.htmlBroken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2010-0470.htmlBroken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/40759Broken Link, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/40808Broken Link, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txtBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA10-162A.htmlThird Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1421Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1432Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1434Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1453Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1482Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1522Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/1793Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0192Broken Link
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/59328Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7126Broken Link
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T02:25:07.020Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "adobe-player-air-url-xss(59328)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59328"
          },
          {
            "name": "ADV-2011-0192",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0192"
          },
          {
            "name": "ADV-2010-1421",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1421"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4435"
          },
          {
            "name": "40545",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40545"
          },
          {
            "name": "RHSA-2010:0464",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0464.html"
          },
          {
            "name": "ADV-2010-1793",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1793"
          },
          {
            "name": "43026",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43026"
          },
          {
            "name": "ADV-2010-1432",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1432"
          },
          {
            "name": "GLSA-201101-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
          },
          {
            "name": "TA10-162A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA10-162A.html"
          },
          {
            "name": "oval:org.mitre.oval:def:7126",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7126"
          },
          {
            "name": "APPLE-SA-2010-11-10-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
          },
          {
            "name": "40759",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/40759"
          },
          {
            "name": "1024085",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1024085"
          },
          {
            "name": "SUSE-SR:2010:013",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
          },
          {
            "name": "1024086",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1024086"
          },
          {
            "name": "ADV-2010-1434",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1434"
          },
          {
            "name": "TLSA-2010-19",
            "tags": [
              "vendor-advisory",
              "x_refsource_TURBO",
              "x_transferred"
            ],
            "url": "http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt"
          },
          {
            "name": "SSRT100179",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
          },
          {
            "name": "SUSE-SA:2010:024",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
          },
          {
            "name": "40144",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40144"
          },
          {
            "name": "RHSA-2010:0470",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0470.html"
          },
          {
            "name": "ADV-2010-1482",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1482"
          },
          {
            "name": "HPSBMA02547",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
          },
          {
            "name": "ADV-2010-1522",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1522"
          },
          {
            "name": "40808",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/40808"
          },
          {
            "name": "ADV-2010-1453",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1453"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-06-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "shortName": "adobe"
      },
      "references": [
        {
          "name": "adobe-player-air-url-xss(59328)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59328"
        },
        {
          "name": "ADV-2011-0192",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0192"
        },
        {
          "name": "ADV-2010-1421",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1421"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4435"
        },
        {
          "name": "40545",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40545"
        },
        {
          "name": "RHSA-2010:0464",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0464.html"
        },
        {
          "name": "ADV-2010-1793",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1793"
        },
        {
          "name": "43026",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43026"
        },
        {
          "name": "ADV-2010-1432",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1432"
        },
        {
          "name": "GLSA-201101-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
        },
        {
          "name": "TA10-162A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA10-162A.html"
        },
        {
          "name": "oval:org.mitre.oval:def:7126",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7126"
        },
        {
          "name": "APPLE-SA-2010-11-10-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
        },
        {
          "name": "40759",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/40759"
        },
        {
          "name": "1024085",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1024085"
        },
        {
          "name": "SUSE-SR:2010:013",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
        },
        {
          "name": "1024086",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1024086"
        },
        {
          "name": "ADV-2010-1434",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1434"
        },
        {
          "name": "TLSA-2010-19",
          "tags": [
            "vendor-advisory",
            "x_refsource_TURBO"
          ],
          "url": "http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt"
        },
        {
          "name": "SSRT100179",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
        },
        {
          "name": "SUSE-SA:2010:024",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
        },
        {
          "name": "40144",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40144"
        },
        {
          "name": "RHSA-2010:0470",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0470.html"
        },
        {
          "name": "ADV-2010-1482",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1482"
        },
        {
          "name": "HPSBMA02547",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
        },
        {
          "name": "ADV-2010-1522",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1522"
        },
        {
          "name": "40808",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/40808"
        },
        {
          "name": "ADV-2010-1453",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1453"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@adobe.com",
          "ID": "CVE-2010-2179",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "adobe-player-air-url-xss(59328)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59328"
            },
            {
              "name": "ADV-2011-0192",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0192"
            },
            {
              "name": "ADV-2010-1421",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1421"
            },
            {
              "name": "http://support.apple.com/kb/HT4435",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4435"
            },
            {
              "name": "40545",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/40545"
            },
            {
              "name": "RHSA-2010:0464",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0464.html"
            },
            {
              "name": "ADV-2010-1793",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1793"
            },
            {
              "name": "43026",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43026"
            },
            {
              "name": "ADV-2010-1432",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1432"
            },
            {
              "name": "GLSA-201101-09",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
            },
            {
              "name": "TA10-162A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA10-162A.html"
            },
            {
              "name": "oval:org.mitre.oval:def:7126",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7126"
            },
            {
              "name": "APPLE-SA-2010-11-10-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
            },
            {
              "name": "40759",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/40759"
            },
            {
              "name": "1024085",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1024085"
            },
            {
              "name": "SUSE-SR:2010:013",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
            },
            {
              "name": "1024086",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1024086"
            },
            {
              "name": "ADV-2010-1434",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1434"
            },
            {
              "name": "TLSA-2010-19",
              "refsource": "TURBO",
              "url": "http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt"
            },
            {
              "name": "SSRT100179",
              "refsource": "HP",
              "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
            },
            {
              "name": "SUSE-SA:2010:024",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html"
            },
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb10-14.html",
              "refsource": "CONFIRM",
              "url": "http://www.adobe.com/support/security/bulletins/apsb10-14.html"
            },
            {
              "name": "40144",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/40144"
            },
            {
              "name": "RHSA-2010:0470",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0470.html"
            },
            {
              "name": "ADV-2010-1482",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1482"
            },
            {
              "name": "HPSBMA02547",
              "refsource": "HP",
              "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751"
            },
            {
              "name": "ADV-2010-1522",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1522"
            },
            {
              "name": "40808",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/40808"
            },
            {
              "name": "ADV-2010-1453",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1453"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
    "assignerShortName": "adobe",
    "cveId": "CVE-2010-2179",
    "datePublished": "2010-06-15T17:48:00",
    "dateReserved": "2010-06-07T00:00:00",
    "dateUpdated": "2024-08-07T02:25:07.020Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-2179\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2010-06-15T18:00:01.717\",\"lastModified\":\"2024-11-21T01:16:05.860\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Adobe Flash Player anterior a v9.0.277.0 y v10.x anterior a v10.1.53.64, y Adobe Air anterior a v2.0.2.12610, cuando se usa FireFox o Chrome permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n a trav\u00e9s de vectores no especificados relacionados con el parseo de URLs.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"9.0.277.0\",\"matchCriteriaId\":\"20C3001C-53F0-4C18-9CC8-89BDF8C6087D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0.0\",\"versionEndExcluding\":\"10.1.53.64\",\"matchCriteriaId\":\"F116B4ED-9BC6-4750-B87F-4E5FF2B2B1F3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39B565E1-C2F1-44FC-A517-E3130332B17C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97D4FFCF-5309-43B6-9FD5-680C6D535A7F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.0.2.12610\",\"matchCriteriaId\":\"A520EA13-9274-4E10-84B5-1F1FD9E5CE86\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39B565E1-C2F1-44FC-A517-E3130332B17C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97D4FFCF-5309-43B6-9FD5-680C6D535A7F\"}]}]}],\"references\":[{\"url\":\"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/40144\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/40545\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/43026\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201101-09.xml\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1024085\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://securitytracker.com/id?1024086\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"VDB Entry\"]},{\"url\":\"http://support.apple.com/kb/HT4435\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb10-14.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Patch\",\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0464.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0470.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/40759\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/40808\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"VDB Entry\"]},{\"url\":\"http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA10-162A.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1421\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1432\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1434\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1453\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1482\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1522\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1793\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0192\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/59328\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7126\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02273751\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/40144\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/40545\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/43026\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201101-09.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1024085\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://securitytracker.com/id?1024086\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"VDB Entry\"]},{\"url\":\"http://support.apple.com/kb/HT4435\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb10-14.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Patch\",\"Third Party Advisory\",\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0464.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2010-0470.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/40759\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/40808\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"VDB Entry\"]},{\"url\":\"http://www.turbolinux.co.jp/security/2010/TLSA-2010-19j.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA10-162A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1421\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1432\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1434\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1453\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1482\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1522\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/1793\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0192\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/59328\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7126\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]}],\"evaluatorSolution\":\"Per: http://www.adobe.com/support/security/bulletins/apsb10-14.html\\r\\n\\r\\n\u0027This update resolves a URL parsing vulnerability that could lead to cross-site scripting (Firefox and Chrome browsers only) (CVE-2010-2179).\u0027\",\"evaluatorImpact\":\"Per: http://www.adobe.com/support/security/bulletins/apsb10-14.html\\r\\n\\r\\n\u0027Affected software versions\\r\\n\\r\\nAdobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris\\r\\n\\r\\nAdobe AIR 1.5.3.9130 and earlier versions for Windows, Macintosh and Linux\u0027\\r\\n\"}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.