VIR Vulnerability Intelligence Relay

CVE-2010-0187

medium
Published 2010-02-15 ยท Modified 2026-04-29
๐Ÿ’ฌ Discuss on Community โœš Propose mitigation
CVSS v3
โ€”
CVSS v4 NEW
โ€”
not yet in upstream
VIR risk
5.3

Description

Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 allow remote attackers to cause a denial of service (application crash) via a modified SWF file.

Predictions

Exploit likelihood
20%
Patch ETA
โ€”

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ€” if you've already worked around this in production โ€” publish your fix to the community-verified tier.

โœš Propose a mitigation on Community โ†’ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

Exploits

Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.

Exploit-DB

EDB-11182 dos windows verified
Mert SARICA ยท 2010-01-18

Microsoft Internet Explorer 6/7/8 - Shockwave Flash Object Denial of Service

Source code queued for fetch โ€” refresh in a moment.

Application impact
VendorProductVersionsFixed
adobe adobeflash_player7.2
adobe adobeflash_player8.0
adobe adobeflash_player8.0.22.0
adobe adobeflash_player8.0.24.0
adobe adobeflash_player8.0.33.0
adobe adobeflash_player8.0.34.0
adobe adobeflash_player8.0.35.0
adobe adobeflash_player8.0.39.0
adobe adobeflash_player8.0.42.0
adobe adobeflash_player{"endIncluding":"10.0.42.34"}
adobe adobeflash_player6.0.21.0
adobe adobeflash_player6.0.79
adobe adobeflash_player9.0
adobe adobeadobe_air{"endIncluding":"1.5.3.9120"}
adobe adobeadobe_air1.0
adobe adobeadobe_air1.1
adobe adobeflash_player10.0.12.10
adobe adobeflash_player10.0.12.36
adobe adobeflash_player10.0.15.3
adobe adobeflash_player10.0.22.87
adobe adobeflash_player10.0.32.18
adobe adobeadobe_air1.5.1
adobe adobeadobe_air1.5.2
adobe adobeadobe_air1.5.3
adobe adobeflash_player9.0.115.0
adobe adobeflash_player9.0.124.0
adobe adobeflash_player9.0.125.0
adobe adobeflash_player9.0.151.0
adobe adobeflash_player9.0.152.0
adobe adobeflash_player9.0.159.0
adobe adobeflash_player9.0.246.0
adobe adobeflash_player9.0.260.0
adobe adobeflash_player9.125.0
adobe adobeflash_player7.0
adobe adobeflash_player7.0.1
adobe adobeflash_player7.0.25
adobe adobeflash_player7.0.63
adobe adobeflash_player7.0.69.0
adobe adobeflash_player7.0.70.0
adobe adobeflash_player7.1
adobe adobeflash_player7.1.1
adobe adobeflash_player9.0.16
adobe adobeflash_player9.0.18d60
adobe adobeflash_player9.0.20
adobe adobeflash_player9.0.20.0
adobe adobeflash_player9.0.28.0
adobe adobeflash_player9.0.31
adobe adobeflash_player9.0.31.0
adobe adobeflash_player9.0.45.0
adobe adobeflash_player9.0.47.0
adobe adobeflash_player9.0.48.0
adobe adobeflash_player9.0.112.0
adobe adobeflash_player9.0.114.0

References

CWEs

CWE-94

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.