Vulnerability Details : CVE-2010-0378
Use-after-free vulnerability in Adobe Flash Player 6.0.79, as distributed in Microsoft Windows XP SP2 and SP3, allows remote attackers to execute arbitrary code by unloading a Flash object that is currently being accessed by a script, leading to memory corruption, aka a "Movie Unloading Vulnerability."
Vulnerability category: Memory CorruptionExecute code
Exploit prediction scoring system (EPSS) score for CVE-2010-0378
Probability of exploitation activity in the next 30 days: 17.12%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 96 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-0378
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2010-0378
-
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-0378
-
http://secunia.com/advisories/27105
Sign inBroken Link;Vendor Advisory
-
http://securitytracker.com/id?1023435
Adobe Flash 6 on Windows XP Has Multiple Flaws That Let Remote Users Execute Arbitrary Code - SecurityTrackerBroken Link;Third Party Advisory;VDB Entry
-
http://secunia.com/secunia_research/2007-77/
Secunia Research Advisories | FlexeraBroken Link;Vendor Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7580
Repository / Oval RepositoryBroken Link
-
http://www.kb.cert.org/vuls/id/204889
VU#204889 - Windows XP Macromedia Flash 6 ActiveX control use-after-free vulnerabilityThird Party Advisory;US Government Resource
-
http://www.microsoft.com/technet/security/advisory/979267.mspx
Technical documentation, API, and code examples | Microsoft DocsBroken Link;Patch;Vendor Advisory
Products affected by CVE-2010-0378
- cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*