fkie_cve-2010-2215
Vulnerability from fkie_nvd
Published
2010-08-11 18:47
Modified
2024-11-21 01:16
Severity ?
Summary
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "click-jacking" issue.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"matchCriteriaId": "04F8EB6C-A94C-4248-A899-61EBC0F46DD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97F0F4B8-A8AE-4AF2-8991-36DF5478AC90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:adobe_air:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F180F403-7032-497F-955B-0CB1D5CA3A74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C33E3BD1-CFF8-40C5-9247-1BA5D64A0AA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:adobe_air:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16E50A13-564F-4CE7-8335-B99B83AA0B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E76E7759-50B7-4351-AC46-16B02778EDC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:adobe_air:1.5.3.9120:*:*:*:*:*:*:*",
"matchCriteriaId": "0D551FDD-F7FC-4F9A-9A07-A5091E15774B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F901FB44-DC26-4284-B160-EE4A4F8F9DF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F0877D65-5127-4C64-849B-A586FFCDC27B",
"versionEndIncluding": "10.1.53.64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DDFF4A51-C936-4C5B-8276-FD454C9E4F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D5ECC9D7-3386-4FEA-9218-91E31FF90F3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "F0E93289-6EE0-401A-958D-F59D2CDAE2F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*",
"matchCriteriaId": "0FA3E556-BF8F-4D30-8DE5-09DA3FD8D5C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "641776AE-5408-439E-8290-DD9324771874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "138A932A-D775-46A2-86EC-3C03C96884C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D12E3957-D7B2-4F3B-BB64-8B50B8958DEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C5537E-3153-400D-9F9B-91E7F1218C8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6693B1C4-B2A9-4725-AD0E-A266B9DF55AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A95FA639-346C-491C-81A8-6C2A7B01AA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9F1E5AB-DEFA-42FC-A299-C8EEB778F9C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7DD938-F963-4E03-B66B-F00436E4EA9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*",
"matchCriteriaId": "351825F4-227D-4743-A74B-EAFC1034500B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A0777F-22C2-4FD5-BE81-8982BE6874D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "F35F86B6-D49A-40F4-BFFA-5D6BBA2F7D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*",
"matchCriteriaId": "600DDA9D-6440-48D1-8539-7127398A8678",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "B4D5E27C-F6BF-4F84-9B83-6AEC98B4AA14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "934A869D-D58D-4C36-B86E-013F62790585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "ACFA6611-99DA-48B0-89F7-DD99B8E30334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*",
"matchCriteriaId": "59AF804B-BD7A-4AD7-AD44-B5D980443B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "F5D52F86-2E38-4C66-9939-7603367B8D0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0557AA2A-FA3A-460A-8F03-DC74B149CA3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2FC04ABF-6191-4AA5-90B2-E7A97E6C6005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F22F1B02-CCF5-4770-A79B-1F58CA4321CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93957171-F1F4-43ED-A8B9-2D36C81EB1F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7AE89894-E492-4380-8A2B-4CDD3A15667A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6ED706-BAF2-4795-B597-6F7EE8CA8911",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*",
"matchCriteriaId": "260E2CF6-4D15-4168-A933-3EC52D8F93FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D50BF190-2629-49A8-A377-4723C93FFB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E59E2AD-38BB-46DF-AC0D-D36F1F259AD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DD04F04C-30CE-4A8D-B254-B10DEF62CEEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96DC7742-499D-4BF5-9C5B-FCFF912A9892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33AC4365-576C-487A-89C5-197A26D416C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*",
"matchCriteriaId": "84B367AC-E1E1-4BC5-8BF4-D5B517C0CA7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0A9C054-1F82-41DD-BE13-2B71B6F87F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE848097-01E6-4C9B-9593-282D55CC77D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*",
"matchCriteriaId": "08E4028B-72E7-4E4A-AD0F-645F5AACAA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "63313ADA-3C52-47C8-9745-6BF6AEF0F6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*",
"matchCriteriaId": "BA646396-7C10-45A0-89A9-C75C5D8AFB3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*",
"matchCriteriaId": "476BB487-150A-4482-8C84-E6A2995A97E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*",
"matchCriteriaId": "3555324F-40F8-4BF4-BE5F-52A1E22B3AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*",
"matchCriteriaId": "60540FDE-8C31-4679-A85E-614B1EFE1FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*",
"matchCriteriaId": "AE652520-B693-47F1-A342-621C149A7430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D0EC3272-8E1E-4415-A254-BB6C7FB49BEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0CF5AF16-A4F2-4E65-ADA8-DE11BE1F198D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F7DF88E7-1A67-447C-BCF8-5C5564002207",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player_for_linux:9.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "DC9C3926-1FDB-4D8C-AC72-C7E1A222DB35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player_for_linux:9.0.48.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1F08319F-1C6D-4BC5-BAF9-251509974532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player_for_linux:9.0.115.0:*:*:*:*:*:*:*",
"matchCriteriaId": "15C534DD-167D-45AA-B6DD-0776E78E649A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player_for_linux:9.0.124.0:*:*:*:*:*:*:*",
"matchCriteriaId": "910B58CC-8121-4B71-9ED9-3C9C45FA085B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player_for_linux:9.0.151.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97ECD19C-D44F-40C9-A92B-3F84D8DF4A2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player_for_linux:10.0.12.36:*:*:*:*:*:*:*",
"matchCriteriaId": "FE94BCCA-F6B2-48C9-8FBD-36CC3194B00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player_for_linux:10.0.15.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBBCC4B-7C93-40FB-A84B-7BEC13536B1A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a \"click-jacking\" issue."
},
{
"lang": "es",
"value": "Adobe Flash Player anterior v9.0.280 y v10.x anterior v10.1.82.76, y Adobe AIR anterior v2.0.3, permite a atacantes enga\u00f1ar a usuarios en (1) la selecci\u00f3n de un enlace o (2) completar un di\u00e1logo, relacionado con el tema \"click-jacking\"."
}
],
"id": "CVE-2010-2215",
"lastModified": "2024-11-21T01:16:10.213",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-08-11T18:47:50.437",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"source": "psirt@adobe.com",
"url": "http://marc.info/?l=bugtraq\u0026m=128767780602751\u0026w=2"
},
{
"source": "psirt@adobe.com",
"url": "http://marc.info/?l=bugtraq\u0026m=128767780602751\u0026w=2"
},
{
"source": "psirt@adobe.com",
"url": "http://secunia.com/advisories/43026"
},
{
"source": "psirt@adobe.com",
"url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
},
{
"source": "psirt@adobe.com",
"url": "http://support.apple.com/kb/HT4435"
},
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/42361"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id?1024621"
},
{
"source": "psirt@adobe.com",
"url": "http://www.vupen.com/english/advisories/2011/0192"
},
{
"source": "psirt@adobe.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11532"
},
{
"source": "psirt@adobe.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=128767780602751\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=128767780602751\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43026"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201101-09.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT4435"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb10-16.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/42361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11532"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16192"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.