Lucene search
AdobeCVE-2011-2138HistoryAug 10, 2011 - 10:55 p.m.
CVE-2011-2138
2011-08-1022:55:00
CWE-189
adobe
web.nvd.nist.gov
50
cve-2011-2138
adobe flash player
integer overflow
arbitrary code execution
nvd
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
9
Confidence
High
EPSS
0.071
Percentile
94.0%
Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2416.
Affected configurations
Node
adobeflash_playerRange≤10.3.181.36
ORadobeflash_playerMatch6.0.21.0
ORadobeflash_playerMatch6.0.79
ORadobeflash_playerMatch7.0
ORadobeflash_playerMatch7.0.1
ORadobeflash_playerMatch7.0.14.0
ORadobeflash_playerMatch7.0.19.0
ORadobeflash_playerMatch7.0.24.0
ORadobeflash_playerMatch7.0.25
ORadobeflash_playerMatch7.0.53.0
ORadobeflash_playerMatch7.0.60.0
ORadobeflash_playerMatch7.0.61.0
ORadobeflash_playerMatch7.0.63
ORadobeflash_playerMatch7.0.66.0
ORadobeflash_playerMatch7.0.67.0
ORadobeflash_playerMatch7.0.68.0
ORadobeflash_playerMatch7.0.69.0
ORadobeflash_playerMatch7.0.70.0
ORadobeflash_playerMatch7.0.73.0
ORadobeflash_playerMatch7.1
ORadobeflash_playerMatch7.1.1
ORadobeflash_playerMatch7.2
ORadobeflash_playerMatch8.0
ORadobeflash_playerMatch8.0.22.0
ORadobeflash_playerMatch8.0.24.0
ORadobeflash_playerMatch8.0.33.0
ORadobeflash_playerMatch8.0.34.0
ORadobeflash_playerMatch8.0.35.0
ORadobeflash_playerMatch8.0.39.0
ORadobeflash_playerMatch8.0.42.0
ORadobeflash_playerMatch9.0
ORadobeflash_playerMatch9.0.16
ORadobeflash_playerMatch9.0.18d60
ORadobeflash_playerMatch9.0.20
ORadobeflash_playerMatch9.0.20.0
ORadobeflash_playerMatch9.0.28
ORadobeflash_playerMatch9.0.28.0
ORadobeflash_playerMatch9.0.31
ORadobeflash_playerMatch9.0.31.0
ORadobeflash_playerMatch9.0.45.0
ORadobeflash_playerMatch9.0.47.0
ORadobeflash_playerMatch9.0.48.0
ORadobeflash_playerMatch9.0.112.0
ORadobeflash_playerMatch9.0.114.0
ORadobeflash_playerMatch9.0.115.0
ORadobeflash_playerMatch9.0.124.0
ORadobeflash_playerMatch9.0.125.0
ORadobeflash_playerMatch9.0.151.0
ORadobeflash_playerMatch9.0.152.0
ORadobeflash_playerMatch9.0.155.0
ORadobeflash_playerMatch9.0.159.0
ORadobeflash_playerMatch9.0.246.0
ORadobeflash_playerMatch9.0.260.0
ORadobeflash_playerMatch9.0.262.0
ORadobeflash_playerMatch9.0.277.0
ORadobeflash_playerMatch9.0.283.0
ORadobeflash_playerMatch9.125.0
ORadobeflash_playerMatch10.0.0.584
ORadobeflash_playerMatch10.0.12.10
ORadobeflash_playerMatch10.0.12.36
ORadobeflash_playerMatch10.0.15.3
ORadobeflash_playerMatch10.0.22.87
ORadobeflash_playerMatch10.0.32.18
ORadobeflash_playerMatch10.0.42.34
ORadobeflash_playerMatch10.0.45.2
ORadobeflash_playerMatch10.1.52.14.1
ORadobeflash_playerMatch10.1.52.15
ORadobeflash_playerMatch10.1.53.64
ORadobeflash_playerMatch10.1.82.76
ORadobeflash_playerMatch10.1.85.3
ORadobeflash_playerMatch10.1.92.8
ORadobeflash_playerMatch10.1.92.10
ORadobeflash_playerMatch10.1.95.1
ORadobeflash_playerMatch10.1.95.2
ORadobeflash_playerMatch10.1.102.64
ORadobeflash_playerMatch10.2.152
ORadobeflash_playerMatch10.2.152.32
ORadobeflash_playerMatch10.2.152.33
ORadobeflash_playerMatch10.2.154.13
ORadobeflash_playerMatch10.2.154.25
ORadobeflash_playerMatch10.2.159.1
ORadobeflash_playerMatch10.3.181.14
ORadobeflash_playerMatch10.3.181.16
ORadobeflash_playerMatch10.3.181.23
ORadobeflash_playerMatch10.3.181.34
applemac_os_x
ORlinuxlinux_kernel
ORmicrosoftwindows
ORsunsunos
Node
adobeflash_playerRange≤10.3.185.25
ORadobeflash_playerMatch10.1.92.8
ORadobeflash_playerMatch10.1.92.10
ORadobeflash_playerMatch10.1.95.2
ORadobeflash_playerMatch10.1.105.6
ORadobeflash_playerMatch10.1.106.16
ORadobeflash_playerMatch10.2.156.12
ORadobeflash_playerMatch10.2.157.51
ORadobeflash_playerMatch10.3.185.21
ORadobeflash_playerMatch10.3.185.23
googleandroid
Node
adobeadobe_airRange≤2.7
ORadobeadobe_airMatch1.0
ORadobeadobe_airMatch1.1
ORadobeadobe_airMatch1.5
ORadobeadobe_airMatch1.5.2
ORadobeadobe_airMatch1.5.3
ORadobeadobe_airMatch2.0.2
ORadobeadobe_airMatch2.0.3
ORadobeadobe_airMatch2.0.4
ORadobeadobe_airMatch2.6
applemac_os_x
ORmicrosoftwindows
Node
adobeadobe_airRange≤2.7
ORadobeadobe_airMatch1.0
ORadobeadobe_airMatch1.1
ORadobeadobe_airMatch1.5
ORadobeadobe_airMatch1.5.2
ORadobeadobe_airMatch1.5.3
ORadobeadobe_airMatch2.0.2
ORadobeadobe_airMatch2.0.3
ORadobeadobe_airMatch2.0.4
ORadobeadobe_airMatch2.6
googleandroid
| Vendor | Product | Version | CPE |
|---|---|---|---|
| adobe | flash_player | * | cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:* |
| adobe | flash_player | 6.0.21.0 | cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:* |
| adobe | flash_player | 6.0.79 | cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:* |
| adobe | flash_player | 7.0 | cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:* |
| adobe | flash_player | 7.0.1 | cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:* |
| adobe | flash_player | 7.0.14.0 | cpe:2.3:a:adobe:flash_player:7.0.14.0:*:*:*:*:*:*:* |
| adobe | flash_player | 7.0.19.0 | cpe:2.3:a:adobe:flash_player:7.0.19.0:*:*:*:*:*:*:* |
| adobe | flash_player | 7.0.24.0 | cpe:2.3:a:adobe:flash_player:7.0.24.0:*:*:*:*:*:*:* |
| adobe | flash_player | 7.0.25 | cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:* |
| adobe | flash_player | 7.0.53.0 | cpe:2.3:a:adobe:flash_player:7.0.53.0:*:*:*:*:*:*:* |
References
lists.opensuse.org/opensuse-security-announce/2011-08/msg00006.html
lists.opensuse.org/opensuse-security-announce/2011-08/msg00007.html
lists.opensuse.org/opensuse-security-announce/2011-08/msg00008.html
secunia.com/advisories/48308
www.adobe.com/support/security/bulletins/apsb11-21.html
www.redhat.com/support/errata/RHSA-2011-1144.html
www.us-cert.gov/cas/techalerts/TA11-222A.html
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14085
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16104
Related
nvd
nvd
prion
prion
Integer overflow
2011-08-10 22:55:00
Integer overflow
2011-08-10 22:55:00
Integer overflow
2011-08-10 22:55:00
ubuntucve
ubuntucve
cvelist
cvelist
cve
cve
CVE-2011-2416
2011-08-10 22:55:01
CVE-2011-2136
2011-08-10 22:55:00
zdi
zdi
checkpoint_advisories
checkpoint_advisories
securityvulns
securityvulns
ZDI-11-253: Adobe Flash Player BitmapData.scroll Integer Overflow Remote Code Execution Vulnerability
2011-08-17 00:00:00
iDefense Security Advisory 08.09.11: Adobe Flash Player Integer Overflow
2011-08-12 00:00:00
Adobe Flash Player multiple security vulnerabilities
2011-08-27 00:00:00
seebug
seebug
Adobe Flash Player Integer Overflow
2011-08-12 00:00:00
nessus
nessus
openSUSE Security Update : flash-player (openSUSE-SU-2011:0897-1)
2014-06-13 00:00:00
openSUSE Security Update : flash-player (openSUSE-SU-2011:0897-1)
2014-06-13 00:00:00
SuSE 10 Security Update : flash-player (ZYPP Patch Number 7679)
2011-12-13 00:00:00
openvas
openvas
FreeBSD Ports: linux-flashplugin
2011-09-21 00:00:00
FreeBSD Ports: linux-flashplugin
2011-09-21 00:00:00
Adobe Air and Flash Player Multiple Vulnerabilities (Mac OS X)
2011-08-31 00:00:00
suse
suse
remote code execution in flash-player
2011-08-11 15:39:03
flash-player (critical)
2011-08-12 05:08:25
Security update for flash-player (critical)
2011-08-12 04:08:20
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2011-05-13 00:00:00
redhat
redhat
(RHSA-2011:1144) Critical: flash-plugin security update
2011-08-10 00:00:00
(RHSA-2011:1434) Critical: acroread security update
2011-11-08 00:00:00
gentoo
gentoo
Adobe Reader: Multiple vulnerabilities
2012-01-30 00:00:00
Adobe Flash Player: Multiple vulnerabilities
2011-10-13 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
9
Confidence
High
EPSS
0.071
Percentile
94.0%
Related for CVE-2011-2138