cve-2011-0609
Vulnerability from cvelistv5
Published
2011-03-15 17:00
Modified
2024-08-06 21:58
Severity ?
Summary
Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.
References
psirt@adobe.comhttp://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.htmlBroken Link
psirt@adobe.comhttp://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.htmlThird Party Advisory
psirt@adobe.comhttp://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.htmlMailing List, Third Party Advisory
psirt@adobe.comhttp://secunia.com/advisories/43751Broken Link
psirt@adobe.comhttp://secunia.com/advisories/43757Broken Link
psirt@adobe.comhttp://secunia.com/advisories/43772Broken Link
psirt@adobe.comhttp://secunia.com/advisories/43856Broken Link
psirt@adobe.comhttp://securityreason.com/securityalert/8152Broken Link
psirt@adobe.comhttp://www.adobe.com/support/security/advisories/apsa11-01.htmlVendor Advisory
psirt@adobe.comhttp://www.adobe.com/support/security/bulletins/apsb11-06.htmlNot Applicable
psirt@adobe.comhttp://www.kb.cert.org/vuls/id/192052Third Party Advisory, US Government Resource
psirt@adobe.comhttp://www.redhat.com/support/errata/RHSA-2011-0372.htmlBroken Link
psirt@adobe.comhttp://www.securityfocus.com/bid/46860Broken Link, Third Party Advisory, VDB Entry
psirt@adobe.comhttp://www.securitytracker.com/id?1025210Broken Link, Third Party Advisory, VDB Entry
psirt@adobe.comhttp://www.securitytracker.com/id?1025211Broken Link, Third Party Advisory, VDB Entry
psirt@adobe.comhttp://www.securitytracker.com/id?1025238Broken Link, Third Party Advisory, VDB Entry
psirt@adobe.comhttp://www.vupen.com/english/advisories/2011/0655Broken Link
psirt@adobe.comhttp://www.vupen.com/english/advisories/2011/0656Broken Link
psirt@adobe.comhttp://www.vupen.com/english/advisories/2011/0688Broken Link
psirt@adobe.comhttp://www.vupen.com/english/advisories/2011/0732Broken Link
psirt@adobe.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/66078Third Party Advisory, VDB Entry
psirt@adobe.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14147Broken Link
af854a3a-2127-422b-91ae-364da2661108http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.htmlBroken Link
af854a3a-2127-422b-91ae-364da2661108http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43751Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43757Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43772Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43856Broken Link
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/8152Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.adobe.com/support/security/advisories/apsa11-01.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.adobe.com/support/security/bulletins/apsb11-06.htmlNot Applicable
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/192052Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2011-0372.htmlBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/46860Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1025210Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1025211Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1025238Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0655Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0656Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0688Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2011/0732Broken Link
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/66078Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14147Broken Link
Impacted products
Vendor Product Version
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog

Date added: 2022-06-08

Due date: 2022-06-22

Required action: The impacted product is end-of-life and should be disconnected if still in use.

Used in ransomware: Unknown

Notes: https://nvd.nist.gov/vuln/detail/CVE-2011-0609

Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:58:26.021Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "46860",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46860"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.html"
          },
          {
            "name": "ADV-2011-0732",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0732"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.adobe.com/support/security/advisories/apsa11-01.html"
          },
          {
            "name": "43751",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43751"
          },
          {
            "name": "oval:org.mitre.oval:def:14147",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14147"
          },
          {
            "name": "ADV-2011-0656",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0656"
          },
          {
            "name": "1025211",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1025211"
          },
          {
            "name": "SUSE-SR:2011:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
          },
          {
            "name": "adobe-flash-authplay-ce(66078)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66078"
          },
          {
            "name": "ADV-2011-0655",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0655"
          },
          {
            "name": "1025210",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1025210"
          },
          {
            "name": "43856",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43856"
          },
          {
            "name": "VU#192052",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/192052"
          },
          {
            "name": "43772",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43772"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-06.html"
          },
          {
            "name": "8152",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/8152"
          },
          {
            "name": "1025238",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1025238"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html"
          },
          {
            "name": "RHSA-2011:0372",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0372.html"
          },
          {
            "name": "43757",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43757"
          },
          {
            "name": "ADV-2011-0688",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0688"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-03-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "shortName": "adobe"
      },
      "references": [
        {
          "name": "46860",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46860"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.html"
        },
        {
          "name": "ADV-2011-0732",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0732"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.adobe.com/support/security/advisories/apsa11-01.html"
        },
        {
          "name": "43751",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43751"
        },
        {
          "name": "oval:org.mitre.oval:def:14147",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14147"
        },
        {
          "name": "ADV-2011-0656",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0656"
        },
        {
          "name": "1025211",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1025211"
        },
        {
          "name": "SUSE-SR:2011:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
        },
        {
          "name": "adobe-flash-authplay-ce(66078)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66078"
        },
        {
          "name": "ADV-2011-0655",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0655"
        },
        {
          "name": "1025210",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1025210"
        },
        {
          "name": "43856",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43856"
        },
        {
          "name": "VU#192052",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/192052"
        },
        {
          "name": "43772",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43772"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.adobe.com/support/security/bulletins/apsb11-06.html"
        },
        {
          "name": "8152",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/8152"
        },
        {
          "name": "1025238",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1025238"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html"
        },
        {
          "name": "RHSA-2011:0372",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0372.html"
        },
        {
          "name": "43757",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43757"
        },
        {
          "name": "ADV-2011-0688",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0688"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@adobe.com",
          "ID": "CVE-2011-0609",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "46860",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/46860"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.html",
              "refsource": "MISC",
              "url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.html"
            },
            {
              "name": "ADV-2011-0732",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0732"
            },
            {
              "name": "http://www.adobe.com/support/security/advisories/apsa11-01.html",
              "refsource": "CONFIRM",
              "url": "http://www.adobe.com/support/security/advisories/apsa11-01.html"
            },
            {
              "name": "43751",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43751"
            },
            {
              "name": "oval:org.mitre.oval:def:14147",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14147"
            },
            {
              "name": "ADV-2011-0656",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0656"
            },
            {
              "name": "1025211",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1025211"
            },
            {
              "name": "SUSE-SR:2011:005",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
            },
            {
              "name": "adobe-flash-authplay-ce(66078)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66078"
            },
            {
              "name": "ADV-2011-0655",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0655"
            },
            {
              "name": "1025210",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1025210"
            },
            {
              "name": "43856",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43856"
            },
            {
              "name": "VU#192052",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/192052"
            },
            {
              "name": "43772",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43772"
            },
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb11-06.html",
              "refsource": "CONFIRM",
              "url": "http://www.adobe.com/support/security/bulletins/apsb11-06.html"
            },
            {
              "name": "8152",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/8152"
            },
            {
              "name": "1025238",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1025238"
            },
            {
              "name": "http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html",
              "refsource": "CONFIRM",
              "url": "http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html"
            },
            {
              "name": "RHSA-2011:0372",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0372.html"
            },
            {
              "name": "43757",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43757"
            },
            {
              "name": "ADV-2011-0688",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0688"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
    "assignerShortName": "adobe",
    "cveId": "CVE-2011-0609",
    "datePublished": "2011-03-15T17:00:00",
    "dateReserved": "2011-01-20T00:00:00",
    "dateUpdated": "2024-08-06T21:58:26.021Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2011-0609",
      "dateAdded": "2022-06-08",
      "dueDate": "2022-06-22",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2011-0609",
      "product": "Flash Player",
      "requiredAction": "The impacted product is end-of-life and should be disconnected if still in use.",
      "shortDescription": "Adobe Flash Player contains an unspecified vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).",
      "vendorProject": "Adobe",
      "vulnerabilityName": "Adobe Flash Player Unspecified Vulnerability"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-0609\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2011-03-15T17:55:03.827\",\"lastModified\":\"2024-11-21T01:24:24.853\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad sin especificar en Adobe Flash Player 10.2.154.13 y versiones anteriores en Windows, Mac OS X, Linux y Solaris, y 10.1.106.16 y anteriores en Android, y Authplay.dll (AuthPlayLib.bundle) de Adobe Reader y Acrobat 9.x hasta 9.4.2 y 10.x hasta 10.0.1 en Windows y Mac OS X. Permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de contenido Flash modificado, como se ha demostrado con un fichero .swf embebido en una hoja de c\u00e1lculo Excel. Se ha explotado en Internet en Marzo del 2011.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"cisaExploitAdd\":\"2022-06-08\",\"cisaActionDue\":\"2022-06-22\",\"cisaRequiredAction\":\"The impacted product is end-of-life and should be disconnected if still in use.\",\"cisaVulnerabilityName\":\"Adobe Flash Player Unspecified Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.2.154.13\",\"matchCriteriaId\":\"9CE70003-27CE-4189-8F09-E8E25168BDC2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91F372EA-3A78-4703-A457-751B2C98D796\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.1.106.16\",\"matchCriteriaId\":\"E6F057DF-F6F8-4D20-B32C-930CD93347C6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0\",\"versionEndIncluding\":\"9.4.2\",\"matchCriteriaId\":\"F3842B12-98F1-47D5-8EC2-F76BB6737D2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B57C5136-7853-478B-A342-6013528B41B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC1E1EE7-379E-4047-962D-0A311EB0DB1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0\",\"versionEndIncluding\":\"9.4.2\",\"matchCriteriaId\":\"C6EAD79A-9A1B-4EF4-9DC8-50FB4EF97718\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9731EFE2-A5BE-4389-A92D-DDC573633B6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:10.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9B4B357-27C7-4926-936C-A100A7AD538B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.1\",\"matchCriteriaId\":\"3EA2B712-1B02-4BBA-A46C-00858320FD25\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5646FDE9-CF21-46A9-B89D-F5BBDB4249AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE554781-1EB9-446E-911F-6C11970C47F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise:10.0:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"1193A7E6-DCB4-4E79-A509-1D6948153A57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise:11.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4500161F-13A0-4369-B93A-778B34E7F005\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.0.648.134\",\"matchCriteriaId\":\"3EC8CA74-41F7-4449-8FAA-5B181E198529\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"387021A0-AF36-463C-A605-32EA7DAC172E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/43751\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/43757\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/43772\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/43856\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://securityreason.com/securityalert/8152\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.adobe.com/support/security/advisories/apsa11-01.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb11-06.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/192052\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0372.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/46860\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1025210\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1025211\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1025238\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0655\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0656\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0688\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0732\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/66078\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14147\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/43751\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/43757\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/43772\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/43856\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://securityreason.com/securityalert/8152\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.adobe.com/support/security/advisories/apsa11-01.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb11-06.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/192052\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-0372.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/46860\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1025210\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1025211\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1025238\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0655\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0656\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0688\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0732\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/66078\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14147\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.