製品・ソフトウェアに関する情報

JVN脆弱性詳細

Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性

タイトル	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性
概要	Adobe Flash Player および Adobe AIR には、任意のコードを実行される、またはサービス運用妨害 (DoS) 状態となる脆弱性が存在します。本脆弱性は、CVE-2010-0209、CVE-2010-2213 および CVE-2010-2216 とは異なる脆弱性です。
想定される影響	攻撃者により、任意のコードを実行される、またはサービス運用妨害 (DoS) 状態にされる可能性があります。
対策	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
公表日	2010年8月10日0:00
登録日	2010年9月3日16:33
最終更新日	2010年12月1日15:10

CVSS2.0 : 危険
スコア	9.3
ベクター	AV:N/AC:M/Au:N/C:C/I:C/A:C

影響を受けるシステム

レッドハット

Red Hat Enterprise Linux Extras 3 extras

Red Hat Enterprise Linux Extras 4 extras

Red Hat Enterprise Linux Extras 4.8.z extras

RHEL Desktop Supplementary 5 (client)

RHEL Supplementary 5 (server)

RHEL Supplementary EUS 5.4.z (server)

アドビシステムズ

Adobe AIR 2.0.2.12610

Adobe Flash CS3 Professional

Adobe Flash CS4 Professional

Adobe Flash Professional CS5

Adobe Flash Player 10.1.53.64 およびそれ以前

Adobe Flex 3

Adobe Flex 4

アップル

Apple Mac OS X v10.5.8

Apple Mac OS X v10.6 から v10.6.4

Apple Mac OS X Server v10.5.8

Apple Mac OS X Server v10.6 から v10.6.4

CVE (情報セキュリティ共通脆弱性識別子)

No	名前	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2010-2214	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2214
National Vulnerability Database (NVD)
2	CVE-2010-2214	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2214

CWE (共通脆弱性タイプ一覧)

No	名前	URL
JVNDB
1	CWE-94	https://jvndb.jvn.jp/ja/cwe/CWE-94.html

ベンダー情報

No	名前	URL
Adobe Security Bulletin
1	APSB10-16	http://www.adobe.com/support/security/bulletins/apsb10-16.html
Adobe セキュリティ情報
2	APSB10-16	http://www.adobe.com/jp/support/security/bulletins/apsb10-16.html
Apple Security Updates
3	HT4435	http://support.apple.com/kb/HT4435
Apple セキュリティアップデート
4	HT4435	http://support.apple.com/kb/HT4435?viewlocale=ja_JP
Red Hat Security Advisory
5	RHSA-2010:0623	https://rhn.redhat.com/errata/RHSA-2010-0623.html
6	RHSA-2010:0624	https://rhn.redhat.com/errata/RHSA-2010-0624.html
7	RHSA-2010:0636	https://rhn.redhat.com/errata/RHSA-2010-0636.html
富士通セキュリティ情報
8	TA10-223A	http://software.fujitsu.com/jp/security/vulnerabilities/ta10-223a.html

その他

No	名前	URL
JPCERT 緊急報告
1	JPCERT-AT-2010-0021	http://www.jpcert.or.jp/at/2010/at100021.txt
JVN
2	JVNTA10-223A	http://jvn.jp/cert/JVNTA10-223A
3	JVNVU#331391	http://jvn.jp/cert/JVNVU331391
Secunia Advisory
4	SA40907	http://secunia.com/advisories/40907
SecurityFocus
5	42358	http://www.securityfocus.com/bid/42358
US-CERT Cyber Security Alerts
6	SA10-223A	http://www.us-cert.gov/cas/alerts/SA10-223A.html
US-CERT Technical Cyber Security Alert
7	TA10-223A	http://www.us-cert.gov/cas/techalerts/TA10-223A.html
VUPEN Security
8	VUPEN/ADV-2010-2064	http://www.vupen.com/english/advisories/2010/2064
警察庁 @police
9	アドビシステムズ社の Adobe Flash Player のセキュリティ修正プログラムについて	http://www.npa.go.jp/cyberpolice/#topics

変更履歴

No	変更内容	変更日
0	[2010年09月03日] 掲載 [2010年12月01日] 影響を受けるシステム：アップル (HT4435) の情報を追加ベンダ情報：アップル (HT4435) を追加	2018年2月17日10:37

NVD脆弱性情報

CVE-2010-2214

概要	Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2216.
公表日	2010年8月12日3:47
登録日	2021年1月29日11:02
最終更新日	2024年11月21日10:16

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:adobe:flash_player:10.1.52.15:::::::*
cpe:2.3:a:adobe:flash_player:9.0.125.0:::::::*
cpe:2.3:a:adobe:adobe_air:1.0:::::::*
cpe:2.3:a:adobe:adobe_air:1.5:::::::*
cpe:2.3:a:adobe:flash_player:9.0.48.0:::::::*
cpe:2.3:a:adobe:flash_player:9.125.0:::::::*
cpe:2.3:a:adobe:adobe_air::::::::
cpe:2.3:a:adobe:adobe_air:1.5.1:::::::*
cpe:2.3:a:adobe:flash_player:10.0.15.3:::::::*
cpe:2.3:a:adobe:flash_player::::::::
cpe:2.3:a:adobe:flash_player:9.0.18d60:::::::*
cpe:2.3:a:adobe:flash_player:7.1.1:::::::*
cpe:2.3:a:adobe:flash_player_for_linux:10.0.12.36:::::::*
cpe:2.3:a:adobe:flash_player:9.0.124.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.47.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.63:::::::*
cpe:2.3:a:adobe:flash_player:10.0.12.36:::::::*
cpe:2.3:a:adobe:flash_player:8.0.35.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.114.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.20.0:::::::*
cpe:2.3:a:adobe:flash_player:10.0.42.34:::::::*
cpe:2.3:a:adobe:flash_player:9.0.31.0:::::::*
cpe:2.3:a:adobe:flash_player:10.1.52.14.1:::::::*
cpe:2.3:a:adobe:flash_player:8.0.22.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.260.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.159.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.112.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.16:::::::*
cpe:2.3:a:adobe:flash_player:10.0.45.2:::::::*
cpe:2.3:a:adobe:flash_player:10.0.0.584:::::::*
cpe:2.3:a:adobe:adobe_air:1.5.3:::::::*
cpe:2.3:a:adobe:flash_player:8.0.42.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.28.0:::::::*
cpe:2.3:a:adobe:flash_player_for_linux:9.0.115.0:::::::*
cpe:2.3:a:adobe:flash_player_for_linux:9.0.31:::::::*
cpe:2.3:a:adobe:flash_player:10.0.22.87:::::::*
cpe:2.3:a:adobe:flash_player_for_linux:10.0.15.3:::::::*
cpe:2.3:a:adobe:flash_player:9.0.28:::::::*
cpe:2.3:a:adobe:flash_player:9.0.45.0:::::::*
cpe:2.3:a:adobe:flash_player:10.0.32.18:::::::*
cpe:2.3:a:adobe:flash_player:7.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.31:::::::*
cpe:2.3:a:adobe:flash_player:7.2:::::::*
cpe:2.3:a:adobe:flash_player_for_linux:9.0.48.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.115.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.25:::::::*
cpe:2.3:a:adobe:flash_player_for_linux:9.0.124.0:::::::*
cpe:2.3:a:adobe:flash_player:8.0:::::::*
cpe:2.3:a:adobe:flash_player:8.0.33.0:::::::*
cpe:2.3:a:adobe:flash_player:8.0.39.0:::::::*
cpe:2.3:a:adobe:flash_player::::::::		10.1.53.64
cpe:2.3:a:adobe:flash_player_for_linux:9.0.151.0:::::::*
cpe:2.3:a:adobe:adobe_air:1.5.3.9120:::::::*
cpe:2.3:a:adobe:adobe_air:1.0.1:::::::*
cpe:2.3:a:adobe:flash_player:8.0.34.0:::::::*
cpe:2.3:a:adobe:flash_player:10.0.12.10:::::::*
cpe:2.3:a:adobe:flash_player:9.0.151.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.20:::::::*
cpe:2.3:a:adobe:flash_player:7.0.1:::::::*
cpe:2.3:a:adobe:flash_player:9.0.246.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.152.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0:::::::*

構成1	以上	以下	より上	未満
cpe:2.3:a:adobe:flash_player:10.1.52.15:::::::*
cpe:2.3:a:adobe:flash_player:9.0.125.0:::::::*
cpe:2.3:a:adobe:adobe_air:1.0:::::::*
cpe:2.3:a:adobe:adobe_air:1.5:::::::*
cpe:2.3:a:adobe:flash_player:9.0.48.0:::::::*
cpe:2.3:a:adobe:flash_player:9.125.0:::::::*
cpe:2.3:a:adobe:adobe_air::::::::
cpe:2.3:a:adobe:adobe_air:1.5.1:::::::*
cpe:2.3:a:adobe:flash_player:10.0.15.3:::::::*
cpe:2.3:a:adobe:flash_player::::::::
cpe:2.3:a:adobe:flash_player:9.0.18d60:::::::*
cpe:2.3:a:adobe:flash_player:7.1.1:::::::*
cpe:2.3:a:adobe:flash_player_for_linux:10.0.12.36:::::::*
cpe:2.3:a:adobe:flash_player:9.0.124.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.47.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.63:::::::*
cpe:2.3:a:adobe:flash_player:10.0.12.36:::::::*
cpe:2.3:a:adobe:flash_player:8.0.35.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.114.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.20.0:::::::*
cpe:2.3:a:adobe:flash_player:10.0.42.34:::::::*
cpe:2.3:a:adobe:flash_player:9.0.31.0:::::::*
cpe:2.3:a:adobe:flash_player:10.1.52.14.1:::::::*
cpe:2.3:a:adobe:flash_player:8.0.22.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.260.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.159.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.112.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.16:::::::*
cpe:2.3:a:adobe:flash_player:10.0.45.2:::::::*
cpe:2.3:a:adobe:flash_player:10.0.0.584:::::::*
cpe:2.3:a:adobe:adobe_air:1.5.3:::::::*
cpe:2.3:a:adobe:flash_player:8.0.42.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.28.0:::::::*
cpe:2.3:a:adobe:flash_player_for_linux:9.0.115.0:::::::*
cpe:2.3:a:adobe:flash_player_for_linux:9.0.31:::::::*
cpe:2.3:a:adobe:flash_player:10.0.22.87:::::::*
cpe:2.3:a:adobe:flash_player_for_linux:10.0.15.3:::::::*
cpe:2.3:a:adobe:flash_player:9.0.28:::::::*
cpe:2.3:a:adobe:flash_player:9.0.45.0:::::::*
cpe:2.3:a:adobe:flash_player:10.0.32.18:::::::*
cpe:2.3:a:adobe:flash_player:7.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.31:::::::*
cpe:2.3:a:adobe:flash_player:7.2:::::::*
cpe:2.3:a:adobe:flash_player_for_linux:9.0.48.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.115.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.25:::::::*
cpe:2.3:a:adobe:flash_player_for_linux:9.0.124.0:::::::*
cpe:2.3:a:adobe:flash_player:8.0:::::::*
cpe:2.3:a:adobe:flash_player:8.0.33.0:::::::*
cpe:2.3:a:adobe:flash_player:8.0.39.0:::::::*
cpe:2.3:a:adobe:flash_player::::::::		10.1.53.64
cpe:2.3:a:adobe:flash_player_for_linux:9.0.151.0:::::::*
cpe:2.3:a:adobe:adobe_air:1.5.3.9120:::::::*
cpe:2.3:a:adobe:adobe_air:1.0.1:::::::*
cpe:2.3:a:adobe:flash_player:8.0.34.0:::::::*
cpe:2.3:a:adobe:flash_player:10.0.12.10:::::::*
cpe:2.3:a:adobe:flash_player:9.0.151.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.20:::::::*
cpe:2.3:a:adobe:flash_player:7.0.1:::::::*
cpe:2.3:a:adobe:flash_player:9.0.246.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.152.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0:::::::*

No	URL	refsource	タグ
1	http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
2	http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
3	http://marc.info/?l=bugtraq&m=128767780602751&w=2
4	http://marc.info/?l=bugtraq&m=128767780602751&w=2
5	http://marc.info/?l=bugtraq&m=128767780602751&w=2
6	http://marc.info/?l=bugtraq&m=128767780602751&w=2
7	http://secunia.com/advisories/43026
8	http://secunia.com/advisories/43026
9	http://security.gentoo.org/glsa/glsa-201101-09.xml
10	http://security.gentoo.org/glsa/glsa-201101-09.xml
11	http://support.apple.com/kb/HT4435
12	http://support.apple.com/kb/HT4435
13	http://www.adobe.com/support/security/bulletins/apsb10-16.html
14	http://www.adobe.com/support/security/bulletins/apsb10-16.html
15	http://www.securityfocus.com/bid/42358
16	http://www.securityfocus.com/bid/42358
17	http://www.securitytracker.com/id?1024621
18	http://www.securitytracker.com/id?1024621
19	http://www.vupen.com/english/advisories/2011/0192
20	http://www.vupen.com/english/advisories/2011/0192
21	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11971
22	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11971
23	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15966
24	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15966