Unrated severityNVD Advisory· Published Oct 29, 2010· Updated Apr 29, 2026
CVE-2010-3654
CVE-2010-3654
Description
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
Affected products
89cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*+ 56 more
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*range: <=10.1.85.3
- cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*
cpe:2.3:a:macromedia:flash_player:5.0:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:macromedia:flash_player:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:macromedia:flash_player:5.0_r50:*:*:*:*:*:*:*
- cpe:2.3:a:macromedia:flash_player:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:macromedia:flash_player:6.0.29.0:*:*:*:*:*:*:*
- cpe:2.3:a:macromedia:flash_player:6.0.40.0:*:*:*:*:*:*:*
- cpe:2.3:a:macromedia:flash_player:6.0.47.0:*:*:*:*:*:*:*
- cpe:2.3:a:macromedia:flash_player:6.0.65.0:*:*:*:*:*:*:*
- cpe:2.3:a:macromedia:flash_player:6.0.79.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
37- contagiodump.blogspot.com/2010/10/potential-new-adobe-flash-player-zero.htmlnvdExploit
- secunia.com/advisories/41917nvdVendor Advisory
- www.adobe.com/support/security/advisories/apsa10-05.htmlnvdVendor Advisory
- www.kb.cert.org/vuls/id/298081nvdUS Government Resource
- blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1nvd
- lists.apple.com/archives/security-announce/2010//Nov/msg00000.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2010-12/msg00001.htmlnvd
- secunia.com/advisories/42030nvd
- secunia.com/advisories/42183nvd
- secunia.com/advisories/42401nvd
- secunia.com/advisories/42926nvd
- secunia.com/advisories/43025nvd
- secunia.com/advisories/43026nvd
- security.gentoo.org/glsa/glsa-201101-08.xmlnvd
- security.gentoo.org/glsa/glsa-201101-09.xmlnvd
- securityreason.com/securityalert/8210nvd
- support.apple.com/kb/HT4435nvd
- www.adobe.com/support/security/bulletins/apsb10-26.htmlnvd
- www.adobe.com/support/security/bulletins/apsb10-28.htmlnvd
- www.redhat.com/support/errata/RHSA-2010-0829.htmlnvd
- www.redhat.com/support/errata/RHSA-2010-0834.htmlnvd
- www.redhat.com/support/errata/RHSA-2010-0867.htmlnvd
- www.redhat.com/support/errata/RHSA-2010-0934.htmlnvd
- www.securityfocus.com/bid/44504nvd
- www.securitytracker.com/idnvd
- www.securitytracker.com/idnvd
- www.turbolinux.co.jp/security/2011/TLSA-2011-2j.txtnvd
- www.vupen.com/english/advisories/2010/2903nvd
- www.vupen.com/english/advisories/2010/2906nvd
- www.vupen.com/english/advisories/2010/2918nvd
- www.vupen.com/english/advisories/2010/3111nvd
- www.vupen.com/english/advisories/2011/0173nvd
- www.vupen.com/english/advisories/2011/0191nvd
- www.vupen.com/english/advisories/2011/0192nvd
- www.vupen.com/english/advisories/2011/0344nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13294nvd
News mentions
0No linked articles in our index yet.