CVE-2010-3650

Vulnerability

This vulnerability is an unspecified memory corruption issue in Adobe Flash Player affecting versions before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, as well as version 10.1.95.1 on Android. The exact nature of the flaw is undisclosed, but it resides in the core Flash Player engine. The vulnerability is distinct from a series of similar issues (CVE-2010-3640 through CVE-2010-3649 and CVE-2010-3652) disclosed at the same time [1].

Exploitation

An attacker can trigger this vulnerability by delivering a specially crafted Flash (SWF) file, likely via a web page or other content that loads Flash. No authentication is required; the attack is remotely exploitable. The user must open the malicious content in a vulnerable Flash Player instance. The exact vector is unknown, but typical exploitation involves convincing a user to visit a malicious site or open a crafted file.

Impact

Successful exploitation allows an attacker to execute arbitrary code on the victim's system in the context of the current user, or cause a denial of service (application crash). The CIA impact is complete compromise of confidentiality, integrity, and availability if arbitrary code execution is achieved. The vulnerability is rated as critical.

Mitigation

Adobe released fixed versions: Flash Player 9.0.289.0 and 10.1.102.64 for desktop platforms, and 10.1.95.1 for Android (patched). Users should update to these or later versions. Red Hat issued updates (RHSA-2010-0829, RHSA-2010-0834, RHSA-2010-0867) for Flash Player packages in their Linux distributions [2][3][4]. No workaround is disclosed. The vulnerability is not listed on the CISA KEV.