Back to search

OS X update for Flash Player plug-in (CVE-2010-1297)

Severity CVSS Published Added Modified
9 (AV:N/AC:M/Au:N/C:C/I:C/A:C) June 08, 2010 December 16, 2011 August 28, 2013

Available Exploits 

Description

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

  • Apple Mac OS X 10.5.8

    Apply OS X security update 2010-007

    Apply the necessary updates by selecting 'Software Update' from the Apple menu, or by using the softwareupdate utility

  • Apple Mac OS X >= 10.6 and < 10.6.5

    Upgrade to OS X version 10.6.5

    Apply the necessary updates by selecting 'Software Update' from the Apple menu, or by using the softwareupdate utility

Related Vulnerabilities