Launchpad.net

CVE 2010-3654

Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.

Related bugs and status

CVE-2010-3654 (Candidate) is related to these bugs:

Bug #667887: Adobe APSA10-05

		In	Importance	Status
667887	Adobe APSA10-05	adobe-flashplugin (Ubuntu)	Medium	Invalid
667887	Adobe APSA10-05	flashplugin-nonfree (Ubuntu)	Medium	Fix Released
667887	Adobe APSA10-05	acroread (Ubuntu)	Medium	Invalid
667887	Adobe APSA10-05	acroread (Ubuntu Hardy)	Undecided	Fix Released
667887	Adobe APSA10-05	adobe-flashplugin (Ubuntu Hardy)	Undecided	Fix Released
667887	Adobe APSA10-05	flashplugin-nonfree (Ubuntu Hardy)	Undecided	Fix Released
667887	Adobe APSA10-05	acroread (Ubuntu Karmic)	Undecided	Fix Released
667887	Adobe APSA10-05	adobe-flashplugin (Ubuntu Karmic)	Undecided	Fix Released
667887	Adobe APSA10-05	flashplugin-nonfree (Ubuntu Karmic)	Undecided	Fix Released
667887	Adobe APSA10-05	acroread (Ubuntu Lucid)	Undecided	Fix Released
667887	Adobe APSA10-05	adobe-flashplugin (Ubuntu Lucid)	Undecided	Fix Released
667887	Adobe APSA10-05	flashplugin-nonfree (Ubuntu Lucid)	Undecided	Fix Released
667887	Adobe APSA10-05	acroread (Ubuntu Maverick)	Undecided	Fix Released
667887	Adobe APSA10-05	adobe-flashplugin (Ubuntu Maverick)	Undecided	Fix Released
667887	Adobe APSA10-05	flashplugin-nonfree (Ubuntu Maverick)	Undecided	Fix Released
667887	Adobe APSA10-05	acroread (Ubuntu Natty)	Medium	Invalid
667887	Adobe APSA10-05	adobe-flashplugin (Ubuntu Natty)	Medium	Invalid
667887	Adobe APSA10-05	flashplugin-nonfree (Ubuntu Natty)	Medium	Fix Released

Bug #670119: Security advisory for Flash requires an update

		In	Importance	Status
670119	Security advisory for Flash requires an update	flashplugin-nonfree (Ubuntu)	Undecided	Confirmed
670119	Security advisory for Flash requires an update	adobe-flashplugin (Ubuntu)	Undecided	Confirmed
670119	Security advisory for Flash requires an update	acroread (Ubuntu)	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

References

MISC: http://contagiodump.bl...
CONFIRM: http://www.adobe.com/s...
CERT-VN: VU#298081
BID: 44504
SECUNIA: 41917
CONFIRM: http://www.adobe.com/s...
CONFIRM: http://support.apple.c...
APPLE: APPLE-SA-2010-11-10-1
REDHAT: RHSA-2010:0829
REDHAT: RHSA-2010:0834
SECTRACK: 1024659
SECTRACK: 1024660
SECUNIA: 42030
SECUNIA: 42183
VUPEN: ADV-2010-2903
VUPEN: ADV-2010-2906
VUPEN: ADV-2010-2918
CONFIRM: http://www.adobe.com/s...
REDHAT: RHSA-2010:0934
REDHAT: RHSA-2010:0867
SUSE: SUSE-SA:2010:058
SECUNIA: 42401
VUPEN: ADV-2010-3111
CONFIRM: http://blogs.sun.com/s...
SECUNIA: 42926
GENTOO: GLSA-201101-08
GENTOO: GLSA-201101-09
SUSE: SUSE-SA:2010:055
VUPEN: ADV-2011-0173
SECUNIA: 43025
SECUNIA: 43026
VUPEN: ADV-2011-0191
VUPEN: ADV-2011-0192
TURBO: TLSA-2011-2
VUPEN: ADV-2011-0344
SREASON: 8210
OVAL: oval:org.mitre.oval:de...