Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveAdobeCVE-2011-2444
HistorySep 22, 2011 - 3:38 a.m.

CVE-2011-2444

2011-09-2203:38:38
CWE-79
adobe
web.nvd.nist.gov
46
cve-2011-2444
adobe flash player
xss
vulnerability
remote attackers
web script
html
crafted url
exploit
nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.9

Confidence

High

EPSS

0.002

Percentile

62.0%

JSON

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a “universal cross-site scripting issue,” as exploited in the wild in September 2011.

Affected configurations

Nvd
Node
adobeflash_playerRange10.3.183.7
OR
adobeflash_playerMatch6.0.21.0
OR
adobeflash_playerMatch6.0.79
OR
adobeflash_playerMatch7.0
OR
adobeflash_playerMatch7.0.1
OR
adobeflash_playerMatch7.0.14.0
OR
adobeflash_playerMatch7.0.19.0
OR
adobeflash_playerMatch7.0.24.0
OR
adobeflash_playerMatch7.0.25
OR
adobeflash_playerMatch7.0.53.0
OR
adobeflash_playerMatch7.0.60.0
OR
adobeflash_playerMatch7.0.61.0
OR
adobeflash_playerMatch7.0.63
OR
adobeflash_playerMatch7.0.66.0
OR
adobeflash_playerMatch7.0.67.0
OR
adobeflash_playerMatch7.0.68.0
OR
adobeflash_playerMatch7.0.69.0
OR
adobeflash_playerMatch7.0.70.0
OR
adobeflash_playerMatch7.0.73.0
OR
adobeflash_playerMatch7.1
OR
adobeflash_playerMatch7.1.1
OR
adobeflash_playerMatch7.2
OR
adobeflash_playerMatch8.0
OR
adobeflash_playerMatch8.0.22.0
OR
adobeflash_playerMatch8.0.24.0
OR
adobeflash_playerMatch8.0.33.0
OR
adobeflash_playerMatch8.0.34.0
OR
adobeflash_playerMatch8.0.35.0
OR
adobeflash_playerMatch8.0.39.0
OR
adobeflash_playerMatch8.0.42.0
OR
adobeflash_playerMatch9.0
OR
adobeflash_playerMatch9.0.16
OR
adobeflash_playerMatch9.0.18d60
OR
adobeflash_playerMatch9.0.20
OR
adobeflash_playerMatch9.0.20.0
OR
adobeflash_playerMatch9.0.28
OR
adobeflash_playerMatch9.0.28.0
OR
adobeflash_playerMatch9.0.31
OR
adobeflash_playerMatch9.0.31.0
OR
adobeflash_playerMatch9.0.45.0
OR
adobeflash_playerMatch9.0.47.0
OR
adobeflash_playerMatch9.0.48.0
OR
adobeflash_playerMatch9.0.112.0
OR
adobeflash_playerMatch9.0.114.0
OR
adobeflash_playerMatch9.0.115.0
OR
adobeflash_playerMatch9.0.124.0
OR
adobeflash_playerMatch9.0.125.0
OR
adobeflash_playerMatch9.0.151.0
OR
adobeflash_playerMatch9.0.152.0
OR
adobeflash_playerMatch9.0.155.0
OR
adobeflash_playerMatch9.0.159.0
OR
adobeflash_playerMatch9.0.246.0
OR
adobeflash_playerMatch9.0.260.0
OR
adobeflash_playerMatch9.0.262.0
OR
adobeflash_playerMatch9.0.277.0
OR
adobeflash_playerMatch9.0.283.0
OR
adobeflash_playerMatch9.125.0
OR
adobeflash_playerMatch10.0.0.584
OR
adobeflash_playerMatch10.0.12.10
OR
adobeflash_playerMatch10.0.12.36
OR
adobeflash_playerMatch10.0.15.3
OR
adobeflash_playerMatch10.0.22.87
OR
adobeflash_playerMatch10.0.32.18
OR
adobeflash_playerMatch10.0.42.34
OR
adobeflash_playerMatch10.0.45.2
OR
adobeflash_playerMatch10.1.52.14.1
OR
adobeflash_playerMatch10.1.52.15
OR
adobeflash_playerMatch10.1.53.64
OR
adobeflash_playerMatch10.1.82.76
OR
adobeflash_playerMatch10.1.85.3
OR
adobeflash_playerMatch10.1.92.8
OR
adobeflash_playerMatch10.1.92.10
OR
adobeflash_playerMatch10.1.95.1
OR
adobeflash_playerMatch10.1.95.2
OR
adobeflash_playerMatch10.1.102.64
OR
adobeflash_playerMatch10.2.152
OR
adobeflash_playerMatch10.2.152.32
OR
adobeflash_playerMatch10.2.152.33
OR
adobeflash_playerMatch10.2.154.13
OR
adobeflash_playerMatch10.2.154.25
OR
adobeflash_playerMatch10.2.159.1
OR
adobeflash_playerMatch10.3.181.14
OR
adobeflash_playerMatch10.3.181.16
OR
adobeflash_playerMatch10.3.181.23
OR
adobeflash_playerMatch10.3.181.34
OR
adobeflash_playerMatch10.3.181.36
OR
adobeflash_playerMatch10.3.183.5
AND
applemac_os_x
OR
linuxlinux_kernel
OR
microsoftwindows
OR
sunsunos
Node
adobeflash_playerRange10.3.186.6
OR
adobeflash_playerMatch10.1.92.8
OR
adobeflash_playerMatch10.1.92.10
OR
adobeflash_playerMatch10.1.95.2
OR
adobeflash_playerMatch10.1.105.6
OR
adobeflash_playerMatch10.1.106.16
OR
adobeflash_playerMatch10.2.156.12
OR
adobeflash_playerMatch10.2.157.51
OR
adobeflash_playerMatch10.3.185.21
OR
adobeflash_playerMatch10.3.185.23
OR
adobeflash_playerMatch10.3.185.25
OR
adobeflash_playerMatch10.3.186.3
AND
googleandroid
VendorProductVersionCPE
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
adobeflash_player6.0.21.0cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*
adobeflash_player6.0.79cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*
adobeflash_player7.0cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*
adobeflash_player7.0.1cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*
adobeflash_player7.0.14.0cpe:2.3:a:adobe:flash_player:7.0.14.0:*:*:*:*:*:*:*
adobeflash_player7.0.19.0cpe:2.3:a:adobe:flash_player:7.0.19.0:*:*:*:*:*:*:*
adobeflash_player7.0.24.0cpe:2.3:a:adobe:flash_player:7.0.24.0:*:*:*:*:*:*:*
adobeflash_player7.0.25cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*
adobeflash_player7.0.53.0cpe:2.3:a:adobe:flash_player:7.0.53.0:*:*:*:*:*:*:*
Rows per page:
1-10 of 1001

Related

cvelist 1
threatpost 1
prion 1
nessus 13
nvd 1
ubuntucve 1
checkpoint_advisories 1
openvas 10
freebsd 1
redhat 2
suse 1
gentoo 1
cvelist
cvelist
CVE-2011-2444
2011-09-22 01:00:00
threatpost
threatpost
Adobe Pushes Out Flash Player Patch
2011-09-21 15:57:23
prion
prion
Cross site scripting
2011-09-22 03:38:00
nessus
nessus
Google Chrome < 14.0.835.186 Multiple Adobe Flash Player Vulnerabilities
2011-09-21 00:00:00
Flash Player < 10.3.183.10 Multiple Vulnerabilities (APSB11-26)
2011-09-22 00:00:00
openSUSE Security Update : flash-player (openSUSE-SU-2011:1060-1)
2014-06-13 00:00:00
nvd
nvd
CVE-2011-2444
2011-09-22 03:38:38
ubuntucve
ubuntucve
CVE-2011-2444
2011-09-22 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player loadClip Cross Site Scripting (APSB11-26; CVE-2011-2444)
2011-10-04 00:00:00
openvas
openvas
Adobe Flash Player Multiple Vulnerabilities (Sep 2011) - Mac OS X
2011-09-30 00:00:00
Adobe Flash Player Multiple Vulnerabilities September-2011 (Mac OS X)
2011-09-30 00:00:00
FreeBSD Ports: linux-flashplugin
2011-10-16 00:00:00
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2011-06-06 00:00:00
redhat
redhat
(RHSA-2011:1333) Critical: flash-plugin security update
2011-09-22 00:00:00
(RHSA-2011:1434) Critical: acroread security update
2011-11-08 00:00:00
suse
suse
Security update for flash-player (important)
2011-09-23 16:08:20
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2011-10-13 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.9

Confidence

High

EPSS

0.002

Percentile

62.0%

JSON
Related for CVE-2011-2444
cvelist1threatpost1prion1nessus13nvd1ubuntucve1checkpoint_advisories1openvas10freebsd1redhat2suse1gentoo1