CVE-2010-3641
Description
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Unspecified memory corruption in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 allows remote code execution or denial of service via unknown vectors.
Vulnerability
An unspecified memory corruption vulnerability exists in Adobe Flash Player versions prior to 9.0.289.0 and 10.x prior to 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and prior to 10.1.95.1 on Android. The issue is triggered via unknown vectors, leading to memory corruption.
Exploitation
The precise exploitation steps are not disclosed. An attacker would likely host a malicious Flash file and convince a user to open it, potentially via a web browser or email. No authentication or special privileges are required other than user interaction.
Impact
Successful exploitation allows an attacker to execute arbitrary code or cause a denial of service. Code execution occurs in the context of the user running the Flash Player, potentially leading to full system compromise.
Mitigation
Adobe released updated versions: Flash Player 9.0.289.0, 10.1.102.64, and 10.1.95.1 for Android. Users should update immediately. Red Hat has provided updated packages for affected distributions via RHSA-2010-0834, RHSA-2010-0829, and RHSA-2010-0867 [2][3][4]. No workarounds are documented.
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <9.0.289.0 or >=10.0.0.0, <10.1.102.64
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
21- www.adobe.com/support/security/bulletins/apsb10-26.htmlnvdPatchVendor Advisory
- lists.apple.com/archives/security-announce/2010//Nov/msg00000.htmlnvdMailing ListThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.htmlnvdThird Party Advisory
- marc.infonvdMailing ListThird Party Advisory
- secunia.com/advisories/42183nvdThird Party Advisory
- secunia.com/advisories/42926nvdThird Party Advisory
- secunia.com/advisories/43026nvdThird Party Advisory
- security.gentoo.org/glsa/glsa-201101-09.xmlnvdThird Party Advisory
- support.apple.com/kb/HT4435nvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2010-0829.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2010-0834.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2010-0867.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/44677nvdThird Party AdvisoryVDB Entry
- www.vupen.com/english/advisories/2010/2903nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/2906nvdThird Party Advisory
- www.vupen.com/english/advisories/2010/2918nvdThird Party Advisory
- www.vupen.com/english/advisories/2011/0173nvdThird Party Advisory
- www.vupen.com/english/advisories/2011/0192nvdThird Party Advisory
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12154nvdThird Party Advisory
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16161nvdThird Party Advisory
- blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1nvdBroken Link
News mentions
0No linked articles in our index yet.