Originally, the following CVE-2010-0187 security flaw has been reported against Adobe Flash Player v10.x and earlier versions: [1] http://www.adobe.com/support/security/bulletins/apsb10-06.html CVE-2010-0187 got following description from MITRE: "Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 allow remote attackers to cause a denial of service (application crash) via a modified SWF file." Public reproducers for the CVE-2010-0187 are available here: [2] http://www.exploit-db.com/exploits/11182/ [3] http://sebug.net/exploit/18967/ Further testing showed, this deficiency affects also v9.x based versions of Adobe Flash Player. This new discovered flaw got CVE id of CVE-2010-2172.
This issue affects the versions of the flash-plugin package, as shipped with Red Hat Enterprise Linux 3 and 4. This issue has been addressed in following products: Extras for Red Hat Enterprise Linux 5 Via RHSA-2010:0102 https://rhn.redhat.com/errata/RHSA-2010-0102.html
This was publicly noted in APSB10-14: http://www.adobe.com/support/security/bulletins/apsb10-14.html Specifically: This update resolves a denial of service issue on some UNIX platforms (Flash Player 9 only) (CVE-2010-2172).
This issue has been addressed in following products: Extras for RHEL 3 Extras for RHEL 4 Via RHSA-2010:0470 https://rhn.redhat.com/errata/RHSA-2010-0470.html