Lucene search

AdobeCVE-2011-0609

HistoryMar 15, 2011 - 5:55 p.m.

CVE-2011-0609

2011-03-1517:55:03

adobe

web.nvd.nist.gov

948

In Wild

cve-2011-0609

adobe flash player

adobe reader

acrobat

vulnerability

remote code execution

denial of service

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.9

Confidence

High

EPSS

0.971

Percentile

99.8%

JSON

Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.

Affected configurations

Nvd

Node

adobeflash_playerRange≤10.2.154.13

AND

applemac_os_xMatch-

linuxlinux_kernelMatch-

microsoftwindowsMatch-

oraclesolarisMatch-

Node

adobeflash_playerRange≤10.1.106.16

AND

googleandroidMatch-

Node

adobeacrobatRange9.0–9.4.2

adobeacrobatMatch10.0

adobeacrobatMatch10.0.1

adobeacrobat_readerRange9.0–9.4.2

adobeacrobat_readerMatch10.0

adobeacrobat_readerMatch10.0.1

AND

applemac_os_xMatch-

microsoftwindowsMatch-

Node

adobeairRange≤2.5.1

Node

opensuseopensuseMatch11.2

opensuseopensuseMatch11.3

opensuseopensuseMatch11.4

suselinux_enterpriseMatch10.0sp3

suselinux_enterpriseMatch11.0sp1

Node

googlechromeRange<10.0.648.134

AND

applemacosMatch-

googlechrome_osMatch-

linuxlinux_kernelMatch-

microsoftwindowsMatch-

VendorProductVersionCPE
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
applemac_os_x-cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
oraclesolaris-cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*
googleandroid-cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
adobeacrobat*cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*
adobeacrobat10.0cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*
adobeacrobat10.0.1cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:*
adobeacrobat_reader*cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::::
apple	mac_os_x	-	cpe:2.3:o:apple:mac_os_x:-:::::::*
linux	linux_kernel	-	cpe:2.3:o:linux:linux_kernel:-:::::::*
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*
oracle	solaris	-	cpe:2.3:o:oracle:solaris:-:::::::*
google	android	-	cpe:2.3:o:google:android:-:::::::*
adobe	acrobat	*	cpe:2.3:a:adobe:acrobat::::::::
adobe	acrobat	10.0	cpe:2.3:a:adobe:acrobat:10.0:::::::*
adobe	acrobat	10.0.1	cpe:2.3:a:adobe:acrobat:10.0.1:::::::*
adobe	acrobat_reader	*	cpe:2.3:a:adobe:acrobat_reader::::::::