Launchpad.net

CVE 2010-0186

Cross-domain vulnerability in Adobe Flash Player before 10.0.45.2, Adobe AIR before 1.5.3.9130, and Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors.

Related bugs and status

CVE-2010-0186 (Candidate) is related to these bugs:

Bug #522093: flashplugin-installer security update request

		In	Importance	Status
522093	flashplugin-installer security update request	flashplugin-nonfree (Ubuntu)	Undecided	Fix Released
522093	flashplugin-installer security update request	flashplugin-nonfree (Ubuntu Hardy)	Undecided	Fix Released
522093	flashplugin-installer security update request	flashplugin-nonfree (Ubuntu Intrepid)	Undecided	Fix Released
522093	flashplugin-installer security update request	flashplugin-nonfree (Ubuntu Karmic)	Undecided	Fix Released
522093	flashplugin-installer security update request	flashplugin-nonfree (Ubuntu Lucid)	Undecided	Fix Released
522093	flashplugin-installer security update request	flashplugin-nonfree (Ubuntu Jaunty)	Undecided	Fix Released

Bug #522990: APSB10-07: update to Adobe Reader update 9.3.1 (please pull)

Summary				In	Importance	Status
	522990	APSB10-07: update to Adobe Reader update 9.3.1 (please pull)		Ubuntu Japanese Kaizen Project	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.adobe.com/s...
CONFIRM: https://bugzilla.redha...
REDHAT: RHSA-2010:0102
REDHAT: RHSA-2010:0103
BID: 38198
OSVDB: 62300
SECTRACK: 1023585
CONFIRM: http://www.adobe.com/s...
REDHAT: RHSA-2010:0114
SECUNIA: 38547
SECUNIA: 38639
SUSE: SUSE-SR:2010:006
SECUNIA: 38915
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2010-06-15-1
SECUNIA: 40220
VUPEN: ADV-2010-1481
GENTOO: GLSA-201101-09
SECUNIA: 43026
VUPEN: ADV-2011-0192
OVAL: oval:org.mitre.oval:de...