VYPR
Unrated severity · NVD Advisory · Published Nov 7, 2010 · Updated Apr 29, 2026

CVE-2010-3643

Description

Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, contains an unspecified memory corruption vulnerability that allows arbitrary code execution or denial of service.

Vulnerability

An unspecified memory corruption vulnerability exists in Adobe Flash Player versions prior to 9.0.289.0 and 10.x prior to 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, as well as version 10.1.95.1 on Android [1][2][3][4]. The flaw can be triggered via unknown vectors, leading to memory corruption that may allow arbitrary code execution or denial of service. This vulnerability is distinct from other similar issues addressed in the same update (e.g., CVE-2010-3640, CVE-2010-3641, etc.) [1][2].

Exploitation

An attacker can exploit this vulnerability by persuading a user to open a specially crafted Flash file, typically delivered through a malicious website or embedded in an email or document [1][2][3][4]. No authentication or specific user privileges are required beyond the user having a vulnerable version of Flash Player installed. The exact exploitation vector is not publicly disclosed, but the memory corruption nature suggests that successful exploitation would involve triggering a heap or buffer overflow to gain control of execution flow.

Impact

Successful exploitation can lead to arbitrary code execution under the privileges of the current user, or cause a denial of service via application crash [1][2][3][4]. An attacker could potentially install programs, view, change, or delete data, or create new accounts with full user rights. The impact is limited to the user context running the Flash Player plugin, which may be sandboxed in some environments but still allows significant compromise of the user's session.

Mitigation

Adobe released Flash Player versions 9.0.289.0 and 10.1.102.64 for desktop platforms, and 10.1.95.1 for Android, to address this vulnerability [1][2][3][4]. Red Hat issued updates (RHSA-2010:0829, RHSA-2010:0834, RHSA-2010:0867) for affected packages in Red Hat Enterprise Linux [2][3][4]. Users should upgrade to the fixed versions immediately. No workaround is available; disabling or removing Flash Player mitigates the risk but may impact functionality.

AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
