Vulnerabilities > CVE-2010-3975 - Unspecified vulnerability in Adobe Flash Player 9.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Untrusted search path vulnerability in Adobe Flash Player 9 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse schannel.dll that is located in the same folder as a file that is processed by Flash. Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Oval
accepted | 2015-08-03T04:00:20.540-04:00 | ||||||||||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||||||||||
contributors |
| ||||||||||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||||||||||
description | Untrusted search path vulnerability in Adobe Flash Player 9 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse schannel.dll that is located in the same folder as a file that is processed by Flash. | ||||||||||||||||||||||||||||
family | windows | ||||||||||||||||||||||||||||
id | oval:org.mitre.oval:def:12212 | ||||||||||||||||||||||||||||
status | accepted | ||||||||||||||||||||||||||||
submitted | 2011-03-16T19:18:43 | ||||||||||||||||||||||||||||
title | Untrusted search path vulnerability in Adobe Flash Player 9 and earlier versions. | ||||||||||||||||||||||||||||
version | 66 |