cvelistv5 - cve-2010-0186

CVE-2010-0186 (GCVE-0-2010-0186)

Vulnerability from cvelistv5

Published

2010-02-15 18:00

Modified

2024-08-07 00:37

Severity ?

CWE

Summary

Cross-domain vulnerability in Adobe Flash Player before 10.0.45.2, Adobe AIR before 1.5.3.9130, and Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors.

References

URL

Tags

	http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://www.vupen.com/english/advisories/2011/0192	vdb-entry, x_refsource_VUPEN
	http://www.vupen.com/english/advisories/2010/1481	vdb-entry, x_refsource_VUPEN
	http://www.osvdb.org/62300	vdb-entry, x_refsource_OSVDB
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8518	vdb-entry, signature, x_refsource_OVAL
	http://www.securityfocus.com/bid/38198	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/43026	third-party-advisory, x_refsource_SECUNIA
	http://security.gentoo.org/glsa/glsa-201101-09.xml	vendor-advisory, x_refsource_GENTOO
	https://rhn.redhat.com/errata/RHSA-2010-0102.html	vendor-advisory, x_refsource_REDHAT
	http://securitytracker.com/id?1023585	vdb-entry, x_refsource_SECTRACK
	http://www.redhat.com/support/errata/RHSA-2010-0114.html	vendor-advisory, x_refsource_REDHAT
	http://support.apple.com/kb/HT4188	x_refsource_CONFIRM
	http://secunia.com/advisories/40220	third-party-advisory, x_refsource_SECUNIA
	http://www.adobe.com/support/security/bulletins/apsb10-06.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=563819	x_refsource_CONFIRM
	http://www.adobe.com/support/security/bulletins/apsb10-07.html	x_refsource_CONFIRM
	http://secunia.com/advisories/38547	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/38639	third-party-advisory, x_refsource_SECUNIA
	https://rhn.redhat.com/errata/RHSA-2010-0103.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/38915	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:37:54.124Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "APPLE-SA-2010-06-15-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"
          },
          {
            "name": "ADV-2011-0192",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0192"
          },
          {
            "name": "ADV-2010-1481",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1481"
          },
          {
            "name": "62300",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/62300"
          },
          {
            "name": "oval:org.mitre.oval:def:8518",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8518"
          },
          {
            "name": "38198",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38198"
          },
          {
            "name": "43026",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43026"
          },
          {
            "name": "GLSA-201101-09",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
          },
          {
            "name": "RHSA-2010:0102",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2010-0102.html"
          },
          {
            "name": "1023585",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023585"
          },
          {
            "name": "RHSA-2010:0114",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0114.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4188"
          },
          {
            "name": "40220",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40220"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.adobe.com/support/security/bulletins/apsb10-06.html"
          },
          {
            "name": "SUSE-SR:2010:006",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=563819"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
          },
          {
            "name": "38547",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38547"
          },
          {
            "name": "38639",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38639"
          },
          {
            "name": "RHSA-2010:0103",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2010-0103.html"
          },
          {
            "name": "38915",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38915"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cross-domain vulnerability in Adobe Flash Player before 10.0.45.2, Adobe AIR before 1.5.3.9130, and Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01.000Z",
        "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "shortName": "adobe"
      },
      "references": [
        {
          "name": "APPLE-SA-2010-06-15-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"
        },
        {
          "name": "ADV-2011-0192",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0192"
        },
        {
          "name": "ADV-2010-1481",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1481"
        },
        {
          "name": "62300",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/62300"
        },
        {
          "name": "oval:org.mitre.oval:def:8518",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8518"
        },
        {
          "name": "38198",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38198"
        },
        {
          "name": "43026",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43026"
        },
        {
          "name": "GLSA-201101-09",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
        },
        {
          "name": "RHSA-2010:0102",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2010-0102.html"
        },
        {
          "name": "1023585",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023585"
        },
        {
          "name": "RHSA-2010:0114",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0114.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4188"
        },
        {
          "name": "40220",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40220"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.adobe.com/support/security/bulletins/apsb10-06.html"
        },
        {
          "name": "SUSE-SR:2010:006",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=563819"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
        },
        {
          "name": "38547",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38547"
        },
        {
          "name": "38639",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38639"
        },
        {
          "name": "RHSA-2010:0103",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2010-0103.html"
        },
        {
          "name": "38915",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38915"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@adobe.com",
          "ID": "CVE-2010-0186",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cross-domain vulnerability in Adobe Flash Player before 10.0.45.2, Adobe AIR before 1.5.3.9130, and Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "APPLE-SA-2010-06-15-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html"
            },
            {
              "name": "ADV-2011-0192",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0192"
            },
            {
              "name": "ADV-2010-1481",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1481"
            },
            {
              "name": "62300",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/62300"
            },
            {
              "name": "oval:org.mitre.oval:def:8518",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8518"
            },
            {
              "name": "38198",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38198"
            },
            {
              "name": "43026",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43026"
            },
            {
              "name": "GLSA-201101-09",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
            },
            {
              "name": "RHSA-2010:0102",
              "refsource": "REDHAT",
              "url": "https://rhn.redhat.com/errata/RHSA-2010-0102.html"
            },
            {
              "name": "1023585",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023585"
            },
            {
              "name": "RHSA-2010:0114",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0114.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4188",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4188"
            },
            {
              "name": "40220",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/40220"
            },
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb10-06.html",
              "refsource": "CONFIRM",
              "url": "http://www.adobe.com/support/security/bulletins/apsb10-06.html"
            },
            {
              "name": "SUSE-SR:2010:006",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=563819",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=563819"
            },
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb10-07.html",
              "refsource": "CONFIRM",
              "url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
            },
            {
              "name": "38547",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38547"
            },
            {
              "name": "38639",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38639"
            },
            {
              "name": "RHSA-2010:0103",
              "refsource": "REDHAT",
              "url": "https://rhn.redhat.com/errata/RHSA-2010-0103.html"
            },
            {
              "name": "38915",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38915"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
    "assignerShortName": "adobe",
    "cveId": "CVE-2010-0186",
    "datePublished": "2010-02-15T18:00:00.000Z",
    "dateReserved": "2010-01-06T00:00:00.000Z",
    "dateUpdated": "2024-08-07T00:37:54.124Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2010-AVI-265

Vulnerability from certfr_avis

De multiples vulnérabilité ont été découvertes dans Mac OS X. L'exploitation de ces vulnérabilités permet de réaliser un grand nombre d'actions malveillantes.

Description

Ces vulnérabilités touchent de nombreux logiciels faisant partis du système Mac OS X. Elles permettent à une personne malveillante de réaliser un grand nombre d'actions malveillantes, dont l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Mac OS X 10.6 (Snow Leopard) versions antérieures à 10.6.4.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple du 15 juin 2010	None	vendor-advisory
Bulletin de sécurité Apple HT4188 du 15 juin 2010 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eMac OS X 10.6 (Snow Leopard) versions  ant\u00e9rieures \u00e0 10.6.4.\u003c/p\u003e",
  "content": "## Description\n\nCes vuln\u00e9rabilit\u00e9s touchent de nombreux logiciels faisant partis du\nsyst\u00e8me Mac OS X. Elles permettent \u00e0 une personne malveillante de\nr\u00e9aliser un grand nombre d\u0027actions malveillantes, dont l\u0027ex\u00e9cution de\ncode arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-1578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1578"
    },
    {
      "name": "CVE-2010-0540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0540"
    },
    {
      "name": "CVE-2010-1380",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1380"
    },
    {
      "name": "CVE-2010-0734",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0734"
    },
    {
      "name": "CVE-2010-0283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0283"
    },
    {
      "name": "CVE-2010-1374",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1374"
    },
    {
      "name": "CVE-2009-1580",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1580"
    },
    {
      "name": "CVE-2010-0543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0543"
    },
    {
      "name": "CVE-2010-0546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0546"
    },
    {
      "name": "CVE-2010-0545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0545"
    },
    {
      "name": "CVE-2009-1581",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1581"
    },
    {
      "name": "CVE-2010-1748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1748"
    },
    {
      "name": "CVE-2009-1579",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1579"
    },
    {
      "name": "CVE-2009-2964",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2964"
    },
    {
      "name": "CVE-2010-0186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0186"
    },
    {
      "name": "CVE-2010-0302",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0302"
    },
    {
      "name": "CVE-2010-1320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1320"
    },
    {
      "name": "CVE-2010-1379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1379"
    },
    {
      "name": "CVE-2010-1382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1382"
    },
    {
      "name": "CVE-2010-1377",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1377"
    },
    {
      "name": "CVE-2010-0541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0541"
    },
    {
      "name": "CVE-2010-1375",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1375"
    },
    {
      "name": "CVE-2010-0187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0187"
    },
    {
      "name": "CVE-2010-1376",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1376"
    },
    {
      "name": "CVE-2010-1411",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1411"
    },
    {
      "name": "CVE-2010-1381",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1381"
    },
    {
      "name": "CVE-2010-1373",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1373"
    },
    {
      "name": "CVE-2009-4212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4212"
    },
    {
      "name": "CVE-2009-1382",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1382"
    }
  ],
  "initial_release_date": "2010-06-16T00:00:00",
  "last_revision_date": "2010-06-16T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4188 du 15 juin 2010 :",
      "url": "http://support.apple.com/kb/HT4188"
    }
  ],
  "reference": "CERTA-2010-AVI-265",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-06-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9 ont \u00e9t\u00e9 d\u00e9couvertes dans Mac OS X.\nL\u0027exploitation de ces vuln\u00e9rabilit\u00e9s permet de r\u00e9aliser un grand nombre\nd\u0027actions malveillantes.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple du 15 juin 2010",
      "url": null
    }
  ]
}

CERTA-2010-AVI-081

Vulnerability from certfr_avis

De multiples vulnérabilités dans Adobe Reader et Adobe Acrobat permettent, entre autres, l'exécution de code arbitraire à distance.

Description

De multiples vulnérabilités ont été identifiées dans les logiciels Adobe Reader et Adobe Acrobat. Leur exploitation permet notamment à une personne malintentionnée d'exécuter du code arbitraire à distance.

Il est à noter que la vulnérabilité permettant l'exécution de code arbitraire à distance est exploitable même si le support de Javascript est désactivé.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation). Les versions 9.3.1 et 8.2.1 des logiciels corrigent les problèmes.

None

Impacted products

Vendor	Product	Description
Adobe	Acrobat	Adobe Reader 8.2 et versions antérieures ;
Adobe	Acrobat	Adobe Acrobat 9.3 et versions antérieures ;
Adobe	Acrobat	Adobe Acrobat 8.2 et versions antérieures.
Adobe	Acrobat	Adobe Reader 9.3 et versions antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe APSB10-07 du 16 février 2010

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Adobe Reader 8.2 et versions ant\u00e9rieures ;",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Acrobat 9.3 et versions ant\u00e9rieures ;",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Acrobat 8.2 et versions ant\u00e9rieures.",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe Reader 9.3 et versions ant\u00e9rieures ;",
      "product": {
        "name": "Acrobat",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans les logiciels Adobe\nReader et Adobe Acrobat. Leur exploitation permet notamment \u00e0 une\npersonne malintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n\nIl est \u00e0 noter que la vuln\u00e9rabilit\u00e9 permettant l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance est exploitable m\u00eame si le support de Javascript\nest d\u00e9sactiv\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation). Les versions 9.3.1 et 8.2.1 des\nlogiciels corrigent les probl\u00e8mes.\n",
  "cves": [
    {
      "name": "CVE-2010-0186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0186"
    },
    {
      "name": "CVE-2010-0188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0188"
    }
  ],
  "initial_release_date": "2010-02-17T00:00:00",
  "last_revision_date": "2010-03-12T00:00:00",
  "links": [],
  "reference": "CERTA-2010-AVI-081",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-02-17T00:00:00.000000"
    },
    {
      "description": "mention de la branche 8.x et mise \u00e0 jour de la description.",
      "revision_date": "2010-03-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans Adobe Reader et Adobe Acrobat\npermettent, entre autres, l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Reader et Adobe Acrobat",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB10-07 du 16 f\u00e9vrier 2010",
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-07.html"
    }
  ]
}

CERTA-2010-AVI-078

Vulnerability from certfr_avis

Plusieurs vulnérabilités dans les produits Adobe Flash Player et Adobe Air permettent, entre autre, le contournement de la politique de sécurité.

Description

Plusieurs vulnérabilités ont été découvertes dans différentes versions des produits Adobe Flash Player et Adobe Air. Ces vulnérabilités permettent un contournement de la sandbox, ainsi que l'exécution non autorisée de requêtes (violation du same origin policy).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Adobe	N/A	Adobe Flash Player versions 10.0.42.34 et antérieures ;
	Adobe	N/A	Adobe AIR versions 1.5.3.1920 et antérieures.

References

Title

Publication Time

Tags

Bulletin de sécurité Adobe apsb10-06 du 11 février 2010	None	vendor-advisory
Bulletin de sécurité Adobe APSB10-06 du 11 février 2010 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Adobe Flash Player versions 10.0.42.34 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    },
    {
      "description": "Adobe AIR versions 1.5.3.1920 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Adobe",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans diff\u00e9rentes versions\ndes produits Adobe Flash Player et Adobe Air. Ces vuln\u00e9rabilit\u00e9s\npermettent un contournement de la sandbox, ainsi que l\u0027ex\u00e9cution non\nautoris\u00e9e de requ\u00eates (violation du same origin policy).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-0186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0186"
    },
    {
      "name": "CVE-2010-0187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0187"
    }
  ],
  "initial_release_date": "2010-02-12T00:00:00",
  "last_revision_date": "2010-02-12T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB10-06 du 11 f\u00e9vrier 2010 :",
      "url": "http://www.adobe.com/support/security/bulletins/apsb10-06.html"
    }
  ],
  "reference": "CERTA-2010-AVI-078",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-02-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans les produits Adobe Flash Player et Adobe\nAir permettent, entre autre, le contournement de la politique de\ns\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Flash Player et Adobe Air",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb10-06 du 11 f\u00e9vrier 2010",
      "url": null
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2010-0186 (GCVE-0-2010-0186)

Vulnerability from cvelistv5

CERTA-2010-AVI-265

Vulnerability from certfr_avis

Description

Solution

CERTA-2010-AVI-081

Vulnerability from certfr_avis

Description

Solution

CERTA-2010-AVI-078

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature