Summary
This host has Adobe Acrobat or Adobe Reader or Adobe flash Player installed, and is prone to arbitrary code execution vulnerability.
Impact
Successful exploitation will let attackers to execute arbitrary code in the context of the user running the affected application.
Impact Level: Application/System
Solution
Adobe Flash Player:
Upgrade to Adobe Flash Player version 10.1.102.64 or later For details refer, http://www.adobe.com/downloads/
Adobe Reader/Acrobat:
Upgrade to Adobe Reader/Acrobat version 9.4.1 or later, For updates refer to http://www.adobe.com/downloads/
Insight
The flaw is caused by an unspecified error which can be exploited to execute arbitrary code.
Affected
Adobe Reader/Acrobat version 9.x to 9.4 on Windows Adobe Flash Player version 10.1.85.3 and prior on Windows
References
Severity
Classification
-
CVE CVE-2010-3654 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Mac OS X)
- Adobe Acrobat Out-of-bounds Vulnerability Feb15 (Windows)
- Adobe Air Remote Code Execution Vulnerability -June13 (Windows)
- Adobe AIR Multiple Vulnerabilities -01 Feb13 (Windows)
- Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Mac OS X)