Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2011-2104 (GCVE-0-2011-2104)
Vulnerability from cvelistv5
Published
2011-06-16 23:00
Modified
2024-08-06 22:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:53:15.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "adobe-reader-acorbat-dos(68018)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68018"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html"
},
{
"name": "TA11-166A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
},
{
"name": "1025658",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025658"
},
{
"name": "oval:org.mitre.oval:def:13863",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13863"
},
{
"name": "48251",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/48251"
},
{
"name": "73066",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/73066"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "adobe-reader-acorbat-dos(68018)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68018"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html"
},
{
"name": "TA11-166A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
},
{
"name": "1025658",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025658"
},
{
"name": "oval:org.mitre.oval:def:13863",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13863"
},
{
"name": "48251",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/48251"
},
{
"name": "73066",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/73066"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-2104",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "adobe-reader-acorbat-dos(68018)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68018"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-16.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html"
},
{
"name": "TA11-166A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
},
{
"name": "1025658",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025658"
},
{
"name": "oval:org.mitre.oval:def:13863",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13863"
},
{
"name": "48251",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48251"
},
{
"name": "73066",
"refsource": "OSVDB",
"url": "http://osvdb.org/73066"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2011-2104",
"datePublished": "2011-06-16T23:00:00",
"dateReserved": "2011-05-13T00:00:00",
"dateUpdated": "2024-08-06T22:53:15.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2011-2104\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2011-06-16T23:55:01.947\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.\"},{\"lang\":\"es\",\"value\":\"Adobe Reader y Acrobat v8.x anterior a v8.3, v9.x anterior a v9.4.5, y 10.x anterior a v10.1 en Windows y Mac OS X permite a atacantes provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"996EB48E-D2A8-49E4-915A-EBDE26A9FB94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97E20936-EE31-4CEB-A710-3165A28BAD69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5BEA847-A71E-4336-AB67-B3C38847C1C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D198253-0E52-4E7F-AA01-CA82B96CD5BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39F6994B-6969-485B-9286-2592B11A47BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC533775-B52E-43F0-BF19-1473BE36232D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18D1C85E-42CC-46F2-A7B6-DAC3C3995330\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4670451-511E-496C-A78A-887366E1E992\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A2A4F62-7AB5-4134-9A65-4B4E1EA262A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35994F76-CD13-4301-9134-FC0CBEA37D97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FB61191-F955-4DE6-A86B-36E031DE1F99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E32D68D5-6A79-454B-B14F-9BC865413E3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A57581C-A139-41C3-B9DB-0C4CFA7A1BB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:8.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8028BBB6-47A0-4BEF-BC43-58E19EC73480\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"562772F1-1627-438E-A6B8-7D1AA5536086\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F25C9167-C6D4-4264-9197-50878EDA2D96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD1D7308-09E9-42B2-8836-DC2326C62A9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5C251D2-4C9B-4029-8BED-0FCAED3B8E89\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2432AC17-5378-4C61-A775-5172FD44EC03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39EDED39-664F-4B68-B422-2CCCA3B83550\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B508C5CE-1386-47B3-B301-B78DBB3A75D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDC2EEB6-D5EC-430F-962A-1279C9970441\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DC590C7-5BDE-4E46-9605-01E95B17F01F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCFE67F4-6907-4967-96A3-1757EADA72BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41DFBB39-4BC6-48BB-B66E-99DA4C7DBCE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A328CC7F-5D02-4C7C-82CE-139EB2689C18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F56EC75-4C65-4CD7-981D-823E1411CD6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:9.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E2D30C1-BDE8-4C1C-A8B3-A635A74E5D94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9731EFE2-A5BE-4389-A92D-DDC573633B6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:10.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9B4B357-27C7-4926-936C-A100A7AD538B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:10.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DEE3D3B-C94C-4A85-B2C2-E4A72A88F4FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat_reader:10.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"978027C8-4DF6-4C18-A31D-1ACFBA857E9F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FF5999A-9D12-4CDD-8DE9-A89C10B2D574\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26AE76F7-D7F6-4AF2-A5C6-708B5642C288\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"749FFB51-65D4-4A4B-95F3-742440276897\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8665E53-EC1E-4B95-9064-2565BC12113E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24218FDA-F9DA-465A-B5D5-76A55C7EE04E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2C5F1C5-85CD-47B9-897F-E51D6902AF72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0E190FF-3EBC-44AB-8072-4D964E843E8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A624D44-C135-4ED3-9BA4-F4F8A044850B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B95C0A99-42E4-40A9-BF61-507E4E4DC052\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B9F55CC-3681-4A67-99D1-3F40447392D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9C0AC89-804B-44A1-929A-118993B6BAA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39B174C3-1BA6-4654-BFA4-CC126454E147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6ACDAA2B-3977-4590-9F16-5DDB6FF6545B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB7C4E07-0909-4114-BBFB-92626AFC49BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7832B75B-7868-44DE-A9A4-CBD9CC117DB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF3AB98B-E881-4992-B709-4EE7FEDFD696\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:8.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8482E880-29DD-4B4D-9D1F-3FAD2849CD99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AA53564-9ACD-4CFB-9AAC-A77440026A57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F475858-DCE2-4C93-A51A-04718DF17593\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88687272-4CD0-42A2-B727-C322ABDE3549\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B35CC915-EEE3-4E86-9E09-1893C725E07B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76201694-E5C5-4CA3-8919-46937AFDAAE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"397AB988-1C2C-4247-9B34-806094197CB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FA0B8C3-8060-4685-A241-9852BD63B7A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AB9BBDE-634A-47CF-BA49-67382B547900\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F56B1726-4F05-4732-9D8B-077EF593EAEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A258374F-55CB-48D2-9094-CD70E1288F60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"627B0DA4-E600-49F1-B455-B4E151B33236\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54BD8F96-BB75-4961-B1E0-049F2273100D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C14B310-65F0-475D-A2DD-0AD706805A99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:9.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"356A0FAF-A25C-4D11-A70F-94B311B5778E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B57C5136-7853-478B-A342-6013528B41B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC1E1EE7-379E-4047-962D-0A311EB0DB1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:10.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C113D6BE-88CD-4670-A0FA-8E78EBAF9A81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:acrobat:10.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4FC7DF0-7006-4805-9CA3-9A950DAA8D51\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FF5999A-9D12-4CDD-8DE9-A89C10B2D574\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CF61F35-5905-4BA9-AD7E-7DB261D2F256\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/73066\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb11-16.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/48251\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.securitytracker.com/id?1025658\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA11-166A.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/68018\",\"source\":\"psirt@adobe.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13863\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://osvdb.org/73066\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb11-16.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/48251\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1025658\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA11-166A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/68018\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13863\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
ghsa-wq85-8jmh-r875
Vulnerability from github
Published
2022-05-17 01:01
Modified
2022-05-17 01:01
VLAI Severity ?
Details
Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.
{
"affected": [],
"aliases": [
"CVE-2011-2104"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2011-06-16T23:55:00Z",
"severity": "MODERATE"
},
"details": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.",
"id": "GHSA-wq85-8jmh-r875",
"modified": "2022-05-17T01:01:34Z",
"published": "2022-05-17T01:01:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2104"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68018"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13863"
},
{
"type": "WEB",
"url": "http://osvdb.org/73066"
},
{
"type": "WEB",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/48251"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1025658"
},
{
"type": "WEB",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
fkie_cve-2011-2104
Vulnerability from fkie_nvd
Published
2011-06-16 23:55
Modified
2025-04-11 00:51
Severity ?
Summary
Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@adobe.com | http://osvdb.org/73066 | ||
| psirt@adobe.com | http://www.adobe.com/support/security/bulletins/apsb11-16.html | Patch, Vendor Advisory | |
| psirt@adobe.com | http://www.securityfocus.com/bid/48251 | ||
| psirt@adobe.com | http://www.securitytracker.com/id?1025658 | ||
| psirt@adobe.com | http://www.us-cert.gov/cas/techalerts/TA11-166A.html | US Government Resource | |
| psirt@adobe.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/68018 | ||
| psirt@adobe.com | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13863 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/73066 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.adobe.com/support/security/bulletins/apsb11-16.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/48251 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1025658 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.us-cert.gov/cas/techalerts/TA11-166A.html | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/68018 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13863 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | acrobat_reader | 8.0 | |
| adobe | acrobat_reader | 8.1 | |
| adobe | acrobat_reader | 8.1.1 | |
| adobe | acrobat_reader | 8.1.2 | |
| adobe | acrobat_reader | 8.1.3 | |
| adobe | acrobat_reader | 8.1.4 | |
| adobe | acrobat_reader | 8.1.5 | |
| adobe | acrobat_reader | 8.1.6 | |
| adobe | acrobat_reader | 8.1.7 | |
| adobe | acrobat_reader | 8.2 | |
| adobe | acrobat_reader | 8.2.1 | |
| adobe | acrobat_reader | 8.2.2 | |
| adobe | acrobat_reader | 8.2.3 | |
| adobe | acrobat_reader | 8.2.4 | |
| adobe | acrobat_reader | 8.2.6 | |
| adobe | acrobat_reader | 9.0 | |
| adobe | acrobat_reader | 9.1 | |
| adobe | acrobat_reader | 9.1.1 | |
| adobe | acrobat_reader | 9.1.2 | |
| adobe | acrobat_reader | 9.1.3 | |
| adobe | acrobat_reader | 9.2 | |
| adobe | acrobat_reader | 9.3 | |
| adobe | acrobat_reader | 9.3.1 | |
| adobe | acrobat_reader | 9.3.2 | |
| adobe | acrobat_reader | 9.3.3 | |
| adobe | acrobat_reader | 9.3.4 | |
| adobe | acrobat_reader | 9.4 | |
| adobe | acrobat_reader | 9.4.1 | |
| adobe | acrobat_reader | 9.4.2 | |
| adobe | acrobat_reader | 9.4.3 | |
| adobe | acrobat_reader | 9.4.4 | |
| adobe | acrobat_reader | 10.0 | |
| adobe | acrobat_reader | 10.0.1 | |
| adobe | acrobat_reader | 10.0.2 | |
| adobe | acrobat_reader | 10.0.3 | |
| apple | mac_os_x | * | |
| microsoft | windows | * | |
| adobe | acrobat | 8.0 | |
| adobe | acrobat | 8.1 | |
| adobe | acrobat | 8.1.1 | |
| adobe | acrobat | 8.1.2 | |
| adobe | acrobat | 8.1.3 | |
| adobe | acrobat | 8.1.4 | |
| adobe | acrobat | 8.1.5 | |
| adobe | acrobat | 8.1.6 | |
| adobe | acrobat | 8.1.7 | |
| adobe | acrobat | 8.2 | |
| adobe | acrobat | 8.2.1 | |
| adobe | acrobat | 8.2.2 | |
| adobe | acrobat | 8.2.3 | |
| adobe | acrobat | 8.2.4 | |
| adobe | acrobat | 8.2.5 | |
| adobe | acrobat | 8.2.6 | |
| adobe | acrobat | 9.0 | |
| adobe | acrobat | 9.1 | |
| adobe | acrobat | 9.1.1 | |
| adobe | acrobat | 9.1.2 | |
| adobe | acrobat | 9.1.3 | |
| adobe | acrobat | 9.2 | |
| adobe | acrobat | 9.3 | |
| adobe | acrobat | 9.3.1 | |
| adobe | acrobat | 9.3.2 | |
| adobe | acrobat | 9.3.3 | |
| adobe | acrobat | 9.3.4 | |
| adobe | acrobat | 9.4 | |
| adobe | acrobat | 9.4.1 | |
| adobe | acrobat | 9.4.2 | |
| adobe | acrobat | 9.4.3 | |
| adobe | acrobat | 9.4.4 | |
| adobe | acrobat | 10.0 | |
| adobe | acrobat | 10.0.1 | |
| adobe | acrobat | 10.0.2 | |
| adobe | acrobat | 10.0.3 | |
| apple | mac_os_x | * | |
| microsoft | windows | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "996EB48E-D2A8-49E4-915A-EBDE26A9FB94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "97E20936-EE31-4CEB-A710-3165A28BAD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5BD9952C-A1D0-4DFB-A292-9B86D7EAE5FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C5BEA847-A71E-4336-AB67-B3C38847C1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D198253-0E52-4E7F-AA01-CA82B96CD5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "39F6994B-6969-485B-9286-2592B11A47BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC533775-B52E-43F0-BF19-1473BE36232D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "18D1C85E-42CC-46F2-A7B6-DAC3C3995330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C4670451-511E-496C-A78A-887366E1E992",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2A4F62-7AB5-4134-9A65-4B4E1EA262A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35994F76-CD13-4301-9134-FC0CBEA37D97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0FB61191-F955-4DE6-A86B-36E031DE1F99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E32D68D5-6A79-454B-B14F-9BC865413E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2A57581C-A139-41C3-B9DB-0C4CFA7A1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:8.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8028BBB6-47A0-4BEF-BC43-58E19EC73480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "562772F1-1627-438E-A6B8-7D1AA5536086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27D5AF92-A8E1-41BD-B20A-EB26BB6AD4DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F25C9167-C6D4-4264-9197-50878EDA2D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1D7308-09E9-42B2-8836-DC2326C62A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B5C251D2-4C9B-4029-8BED-0FCAED3B8E89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2432AC17-5378-4C61-A775-5172FD44EC03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B6BA82F4-470D-4A46-89B2-D2F3C8FA31C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39EDED39-664F-4B68-B422-2CCCA3B83550",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B508C5CE-1386-47B3-B301-B78DBB3A75D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DDC2EEB6-D5EC-430F-962A-1279C9970441",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8DC590C7-5BDE-4E46-9605-01E95B17F01F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DCFE67F4-6907-4967-96A3-1757EADA72BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "41DFBB39-4BC6-48BB-B66E-99DA4C7DBCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A328CC7F-5D02-4C7C-82CE-139EB2689C18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0F56EC75-4C65-4CD7-981D-823E1411CD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:9.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2D30C1-BDE8-4C1C-A8B3-A635A74E5D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9731EFE2-A5BE-4389-A92D-DDC573633B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B4B357-27C7-4926-936C-A100A7AD538B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DEE3D3B-C94C-4A85-B2C2-E4A72A88F4FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat_reader:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "978027C8-4DF6-4C18-A31D-1ACFBA857E9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "26AE76F7-D7F6-4AF2-A5C6-708B5642C288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "749FFB51-65D4-4A4B-95F3-742440276897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8665E53-EC1E-4B95-9064-2565BC12113E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24218FDA-F9DA-465A-B5D5-76A55C7EE04E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E2C5F1C5-85CD-47B9-897F-E51D6902AF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E190FF-3EBC-44AB-8072-4D964E843E8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6A624D44-C135-4ED3-9BA4-F4F8A044850B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B95C0A99-42E4-40A9-BF61-507E4E4DC052",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3B9F55CC-3681-4A67-99D1-3F40447392D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C0AC89-804B-44A1-929A-118993B6BAA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39B174C3-1BA6-4654-BFA4-CC126454E147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6ACDAA2B-3977-4590-9F16-5DDB6FF6545B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7C4E07-0909-4114-BBFB-92626AFC49BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7832B75B-7868-44DE-A9A4-CBD9CC117DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3AB98B-E881-4992-B709-4EE7FEDFD696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:8.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8482E880-29DD-4B4D-9D1F-3FAD2849CD99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5AA53564-9ACD-4CFB-9AAC-A77440026A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7EC46E3-77B7-4455-B3E0-A45C6B69B3DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F475858-DCE2-4C93-A51A-04718DF17593",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "88687272-4CD0-42A2-B727-C322ABDE3549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1E5C4FA4-3786-47AF-BD7D-8E75927EB3AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B35CC915-EEE3-4E86-9E09-1893C725E07B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "76201694-E5C5-4CA3-8919-46937AFDAAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "397AB988-1C2C-4247-9B34-806094197CB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8FA0B8C3-8060-4685-A241-9852BD63B7A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB9BBDE-634A-47CF-BA49-67382B547900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F56B1726-4F05-4732-9D8B-077EF593EAEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A258374F-55CB-48D2-9094-CD70E1288F60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "627B0DA4-E600-49F1-B455-B4E151B33236",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "54BD8F96-BB75-4961-B1E0-049F2273100D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C14B310-65F0-475D-A2DD-0AD706805A99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:9.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "356A0FAF-A25C-4D11-A70F-94B311B5778E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B57C5136-7853-478B-A342-6013528B41B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CC1E1EE7-379E-4047-962D-0A311EB0DB1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C113D6BE-88CD-4670-A0FA-8E78EBAF9A81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:acrobat:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E4FC7DF0-7006-4805-9CA3-9A950DAA8D51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors."
},
{
"lang": "es",
"value": "Adobe Reader y Acrobat v8.x anterior a v8.3, v9.x anterior a v9.4.5, y 10.x anterior a v10.1 en Windows y Mac OS X permite a atacantes provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2011-2104",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-06-16T23:55:01.947",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://osvdb.org/73066"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/48251"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id?1025658"
},
{
"source": "psirt@adobe.com",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
},
{
"source": "psirt@adobe.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68018"
},
{
"source": "psirt@adobe.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13863"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/73066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/48251"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025658"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13863"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
gsd-2011-2104
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2011-2104",
"description": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.",
"id": "GSD-2011-2104",
"references": [
"https://access.redhat.com/errata/RHSA-2011:1434"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2011-2104"
],
"details": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.",
"id": "GSD-2011-2104",
"modified": "2023-12-13T01:19:06.539713Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-2104",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "adobe-reader-acorbat-dos(68018)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68018"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-16.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html"
},
{
"name": "TA11-166A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
},
{
"name": "1025658",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025658"
},
{
"name": "oval:org.mitre.oval:def:13863",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13863"
},
{
"name": "48251",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48251"
},
{
"name": "73066",
"refsource": "OSVDB",
"url": "http://osvdb.org/73066"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:10.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:10.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:10.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:8.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat_reader:9.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:10.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:10.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:8.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:acrobat:9.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-2104"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-16.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html"
},
{
"name": "48251",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/48251"
},
{
"name": "1025658",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id?1025658"
},
{
"name": "73066",
"refsource": "OSVDB",
"tags": [],
"url": "http://osvdb.org/73066"
},
{
"name": "TA11-166A",
"refsource": "CERT",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
},
{
"name": "adobe-reader-acorbat-dos(68018)",
"refsource": "XF",
"tags": [],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68018"
},
{
"name": "oval:org.mitre.oval:def:13863",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13863"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
}
},
"lastModifiedDate": "2017-09-19T01:32Z",
"publishedDate": "2011-06-16T23:55Z"
}
}
}
rhsa-2011:1434
Vulnerability from csaf_redhat
Published
2011-11-08 11:13
Modified
2025-09-26 03:12
Summary
Red Hat Security Advisory: acroread security update
Notes
Topic
Updated acroread packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise
Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
Adobe Reader allows users to view and print documents in Portable Document
Format (PDF).
This update fixes multiple security flaws in Adobe Reader. These flaws are
detailed on the Adobe security page APSB11-24, listed in the References
section. A specially-crafted PDF file could cause Adobe Reader to crash or,
potentially, execute arbitrary code as the user running Adobe Reader when
opened. (CVE-2011-2431, CVE-2011-2432, CVE-2011-2433, CVE-2011-2434,
CVE-2011-2435, CVE-2011-2436, CVE-2011-2437, CVE-2011-2438, CVE-2011-2439,
CVE-2011-2440, CVE-2011-2442)
This update also fixes multiple security flaws in Adobe Flash Player
embedded in Adobe Reader. These flaws are detailed on the Adobe security
pages APSB11-21 and APSB11-26, listed in the References section.
A PDF file with an embedded, specially-crafted SWF file could cause Adobe
Reader to crash or, potentially, execute arbitrary code as the user running
Adobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,
CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,
CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,
CVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)
A flaw in Adobe Flash Player could allow an attacker to conduct cross-site
scripting (XSS) attacks if a victim were tricked into visiting a
specially-crafted web page. (CVE-2011-2444)
This update also fixes an information disclosure flaw in Adobe Flash
Player. (CVE-2011-2429)
All Adobe Reader users should install these updated packages. They contain
Adobe Reader version 9.4.6, which is not vulnerable to these issues. All
running instances of Adobe Reader must be restarted for the update to take
effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise\nLinux 5 and 6 Supplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Adobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nThis update fixes multiple security flaws in Adobe Reader. These flaws are\ndetailed on the Adobe security page APSB11-24, listed in the References\nsection. A specially-crafted PDF file could cause Adobe Reader to crash or,\npotentially, execute arbitrary code as the user running Adobe Reader when\nopened. (CVE-2011-2431, CVE-2011-2432, CVE-2011-2433, CVE-2011-2434,\nCVE-2011-2435, CVE-2011-2436, CVE-2011-2437, CVE-2011-2438, CVE-2011-2439,\nCVE-2011-2440, CVE-2011-2442)\n\nThis update also fixes multiple security flaws in Adobe Flash Player\nembedded in Adobe Reader. These flaws are detailed on the Adobe security\npages APSB11-21 and APSB11-26, listed in the References section.\n\nA PDF file with an embedded, specially-crafted SWF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,\nCVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,\nCVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,\nCVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)\n\nA flaw in Adobe Flash Player could allow an attacker to conduct cross-site\nscripting (XSS) attacks if a victim were tricked into visiting a\nspecially-crafted web page. (CVE-2011-2444)\n\nThis update also fixes an information disclosure flaw in Adobe Flash\nPlayer. (CVE-2011-2429)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.6, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2011:1434",
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-24.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-24.html"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-26.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-26.html"
},
{
"category": "external",
"summary": "729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "740201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740201"
},
{
"category": "external",
"summary": "740204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740204"
},
{
"category": "external",
"summary": "740388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740388"
},
{
"category": "external",
"summary": "749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_1434.json"
}
],
"title": "Red Hat Security Advisory: acroread security update",
"tracking": {
"current_release_date": "2025-09-26T03:12:16+00:00",
"generator": {
"date": "2025-09-26T03:12:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.8"
}
},
"id": "RHSA-2011:1434",
"initial_release_date": "2011-11-08T11:13:00+00:00",
"revision_history": [
{
"date": "2011-11-08T11:13:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2011-11-08T11:13:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-09-26T03:12:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.6-1.el4.i386",
"product": {
"name": "acroread-plugin-0:9.4.6-1.el4.i386",
"product_id": "acroread-plugin-0:9.4.6-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.6-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-0:9.4.6-1.el4.i386",
"product": {
"name": "acroread-0:9.4.6-1.el4.i386",
"product_id": "acroread-0:9.4.6-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.6-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.6-1.el5.i386",
"product": {
"name": "acroread-plugin-0:9.4.6-1.el5.i386",
"product_id": "acroread-plugin-0:9.4.6-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.6-1.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-0:9.4.6-1.el5.i386",
"product": {
"name": "acroread-0:9.4.6-1.el5.i386",
"product_id": "acroread-0:9.4.6-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.6-1.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "acroread-0:9.4.6-1.el6.i686",
"product": {
"name": "acroread-0:9.4.6-1.el6.i686",
"product_id": "acroread-0:9.4.6-1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.6-1.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.6-1.el6.i686",
"product": {
"name": "acroread-plugin-0:9.4.6-1.el6.i686",
"product_id": "acroread-plugin-0:9.4.6-1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.6-1.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-0:9.4.6-1.el5.i386"
},
"product_reference": "acroread-0:9.4.6-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-0:9.4.6-1.el5.i386"
},
"product_reference": "acroread-0:9.4.6-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary:acroread-0:9.4.6-1.el6.i686"
},
"product_reference": "acroread-0:9.4.6-1.el6.i686",
"relates_to_product_reference": "6Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el6.i686",
"relates_to_product_reference": "6Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary:acroread-0:9.4.6-1.el6.i686"
},
"product_reference": "acroread-0:9.4.6-1.el6.i686",
"relates_to_product_reference": "6Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el6.i686",
"relates_to_product_reference": "6Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686"
},
"product_reference": "acroread-0:9.4.6-1.el6.i686",
"relates_to_product_reference": "6Workstation-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el6.i686",
"relates_to_product_reference": "6Workstation-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2011-2094",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2095 and CVE-2011-2097.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2094"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2094",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2094"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2094",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2094"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2095",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2094 and CVE-2011-2097.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2095"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2095",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2095"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2096",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2096"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2096",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2096"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2096",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2096"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2097",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2094 and CVE-2011-2095.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2097"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2097"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2097",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2097"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2098",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2099.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2098"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2098",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2098"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2098",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2098"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2099",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2098.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2099"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2099"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2101",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X do not properly restrict script, which allows attackers to execute arbitrary code via a crafted document, related to a \"cross document script execution vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2101"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2101",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2101"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2101",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2101"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2104",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720633"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: Multiple denial of service flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2104"
},
{
"category": "external",
"summary": "RHBZ#720633",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720633"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2104",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2104"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "acroread: Multiple denial of service flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2105",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720633"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted font data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: Multiple denial of service flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2105"
},
{
"category": "external",
"summary": "RHBZ#720633",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720633"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2105",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2105"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "acroread: Multiple denial of service flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2107",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2011-06-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "710981"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a \"universal cross-site scripting vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: Cross-site scripting vulnerability (APSB11-13)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2107"
},
{
"category": "external",
"summary": "RHBZ#710981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=710981"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2107",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2107"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2107",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2107"
}
],
"release_date": "2011-06-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "flash-plugin: Cross-site scripting vulnerability (APSB11-13)"
},
{
"cve": "CVE-2011-2130",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2134, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2130"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2130",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2130"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2130",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2130"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2134",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2134"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2134",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2134"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2134",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2134"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2135",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2140, CVE-2011-2417, and CVE-2011-2425.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2135"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2135",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2135"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2136",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2138 and CVE-2011-2416.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2136"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2136",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2136"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2136",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2136"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2137",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2414, and CVE-2011-2415.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2137"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2137",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2137"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2138",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2416.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2138"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2138",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2138"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2138",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2138"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2139",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2139"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2139",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2139"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2139",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2139"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2140",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2417, and CVE-2011-2425.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2140"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2140",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2140"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2140",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2140"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2414",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2415.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2414"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2414",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2414"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2414",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2414"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2415",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2414.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2415"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2415",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2415"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2415",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2415"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2416",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2416"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2416",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2416"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2416",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2416"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2417",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2425.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2417"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2417",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2417"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2417",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2417"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2424",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by \"about 400 unique crash signatures.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2424"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2424",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2424"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2424",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2424"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2425",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2417.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2425"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2425",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2425"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2426",
"discovery_date": "2011-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "740388"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: critical flaws fixed in APSB11-26",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2426"
},
{
"category": "external",
"summary": "RHBZ#740388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2426"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2426",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2426"
}
],
"release_date": "2011-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: critical flaws fixed in APSB11-26"
},
{
"cve": "CVE-2011-2427",
"discovery_date": "2011-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "740388"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: critical flaws fixed in APSB11-26",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2427"
},
{
"category": "external",
"summary": "RHBZ#740388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2427",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2427"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2427",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2427"
}
],
"release_date": "2011-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: critical flaws fixed in APSB11-26"
},
{
"cve": "CVE-2011-2428",
"discovery_date": "2011-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "740388"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service (browser crash) via unspecified vectors, related to a \"logic error issue.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: critical flaws fixed in APSB11-26",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2428"
},
{
"category": "external",
"summary": "RHBZ#740388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2428",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2428"
}
],
"release_date": "2011-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: critical flaws fixed in APSB11-26"
},
{
"cve": "CVE-2011-2429",
"discovery_date": "2011-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "740204"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, related to a \"security control bypass.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: security control bypass information disclosure fixed in APSB11-26",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2429"
},
{
"category": "external",
"summary": "RHBZ#740204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740204"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2429",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2429"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2429",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2429"
}
],
"release_date": "2011-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "flash-plugin: security control bypass information disclosure fixed in APSB11-26"
},
{
"cve": "CVE-2011-2430",
"discovery_date": "2011-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "740388"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via crafted streaming media, related to a \"logic error vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: critical flaws fixed in APSB11-26",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2430"
},
{
"category": "external",
"summary": "RHBZ#740388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2430",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2430"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2430",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2430"
}
],
"release_date": "2011-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: critical flaws fixed in APSB11-26"
},
{
"cve": "CVE-2011-2431",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a \"security bypass vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2431"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2431",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2431"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2431"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2432",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in the U3D TIFF Resource in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2432"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2432",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2432"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2432",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2432"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2433",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2434 and CVE-2011-2437.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2433"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2433",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2433"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2433",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2433"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2434",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2437.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2434"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2434",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2434"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2434",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2434"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2435",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2435"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2435",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2435"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2435",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2435"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2436",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in the image-parsing library in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2436"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2436",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2436"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2436",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2436"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2437",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2434.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2437"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2437",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2437"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2437",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2437"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2438",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Multiple stack-based buffer overflows in the image-parsing library in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2438"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2438",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2438"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2438",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2438"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2439",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a \"memory leakage condition vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2439"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2439",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2439"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2439",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2439"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2440",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Use-after-free vulnerability in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2440"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2440",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2440"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2440",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2440"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2442",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a \"logic error vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2442"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2442",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2442"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2442",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2442"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2444",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2011-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "740201"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a \"universal cross-site scripting issue,\" as exploited in the wild in September 2011.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2444"
},
{
"category": "external",
"summary": "RHBZ#740201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2444",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2444"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2444",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2444"
}
],
"release_date": "2011-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26"
},
{
"cve": "CVE-2011-4374",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in Adobe Reader 9.x before 9.4.6 on Linux allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-4374"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-4374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4374"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-4374",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4374"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
}
]
}
rhsa-2011_1434
Vulnerability from csaf_redhat
Published
2011-11-08 11:13
Modified
2024-11-14 11:30
Summary
Red Hat Security Advisory: acroread security update
Notes
Topic
Updated acroread packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise
Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
Adobe Reader allows users to view and print documents in Portable Document
Format (PDF).
This update fixes multiple security flaws in Adobe Reader. These flaws are
detailed on the Adobe security page APSB11-24, listed in the References
section. A specially-crafted PDF file could cause Adobe Reader to crash or,
potentially, execute arbitrary code as the user running Adobe Reader when
opened. (CVE-2011-2431, CVE-2011-2432, CVE-2011-2433, CVE-2011-2434,
CVE-2011-2435, CVE-2011-2436, CVE-2011-2437, CVE-2011-2438, CVE-2011-2439,
CVE-2011-2440, CVE-2011-2442)
This update also fixes multiple security flaws in Adobe Flash Player
embedded in Adobe Reader. These flaws are detailed on the Adobe security
pages APSB11-21 and APSB11-26, listed in the References section.
A PDF file with an embedded, specially-crafted SWF file could cause Adobe
Reader to crash or, potentially, execute arbitrary code as the user running
Adobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,
CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,
CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,
CVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)
A flaw in Adobe Flash Player could allow an attacker to conduct cross-site
scripting (XSS) attacks if a victim were tricked into visiting a
specially-crafted web page. (CVE-2011-2444)
This update also fixes an information disclosure flaw in Adobe Flash
Player. (CVE-2011-2429)
All Adobe Reader users should install these updated packages. They contain
Adobe Reader version 9.4.6, which is not vulnerable to these issues. All
running instances of Adobe Reader must be restarted for the update to take
effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise\nLinux 5 and 6 Supplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Adobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nThis update fixes multiple security flaws in Adobe Reader. These flaws are\ndetailed on the Adobe security page APSB11-24, listed in the References\nsection. A specially-crafted PDF file could cause Adobe Reader to crash or,\npotentially, execute arbitrary code as the user running Adobe Reader when\nopened. (CVE-2011-2431, CVE-2011-2432, CVE-2011-2433, CVE-2011-2434,\nCVE-2011-2435, CVE-2011-2436, CVE-2011-2437, CVE-2011-2438, CVE-2011-2439,\nCVE-2011-2440, CVE-2011-2442)\n\nThis update also fixes multiple security flaws in Adobe Flash Player\nembedded in Adobe Reader. These flaws are detailed on the Adobe security\npages APSB11-21 and APSB11-26, listed in the References section.\n\nA PDF file with an embedded, specially-crafted SWF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,\nCVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,\nCVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,\nCVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)\n\nA flaw in Adobe Flash Player could allow an attacker to conduct cross-site\nscripting (XSS) attacks if a victim were tricked into visiting a\nspecially-crafted web page. (CVE-2011-2444)\n\nThis update also fixes an information disclosure flaw in Adobe Flash\nPlayer. (CVE-2011-2429)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.6, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2011:1434",
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-24.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-24.html"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-26.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-26.html"
},
{
"category": "external",
"summary": "729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "740201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740201"
},
{
"category": "external",
"summary": "740204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740204"
},
{
"category": "external",
"summary": "740388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740388"
},
{
"category": "external",
"summary": "749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_1434.json"
}
],
"title": "Red Hat Security Advisory: acroread security update",
"tracking": {
"current_release_date": "2024-11-14T11:30:25+00:00",
"generator": {
"date": "2024-11-14T11:30:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2011:1434",
"initial_release_date": "2011-11-08T11:13:00+00:00",
"revision_history": [
{
"date": "2011-11-08T11:13:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2011-11-08T11:13:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T11:30:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.6-1.el4.i386",
"product": {
"name": "acroread-plugin-0:9.4.6-1.el4.i386",
"product_id": "acroread-plugin-0:9.4.6-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.6-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-0:9.4.6-1.el4.i386",
"product": {
"name": "acroread-0:9.4.6-1.el4.i386",
"product_id": "acroread-0:9.4.6-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.6-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.6-1.el5.i386",
"product": {
"name": "acroread-plugin-0:9.4.6-1.el5.i386",
"product_id": "acroread-plugin-0:9.4.6-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.6-1.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-0:9.4.6-1.el5.i386",
"product": {
"name": "acroread-0:9.4.6-1.el5.i386",
"product_id": "acroread-0:9.4.6-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.6-1.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "acroread-0:9.4.6-1.el6.i686",
"product": {
"name": "acroread-0:9.4.6-1.el6.i686",
"product_id": "acroread-0:9.4.6-1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.6-1.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.6-1.el6.i686",
"product": {
"name": "acroread-plugin-0:9.4.6-1.el6.i686",
"product_id": "acroread-plugin-0:9.4.6-1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.6-1.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-0:9.4.6-1.el5.i386"
},
"product_reference": "acroread-0:9.4.6-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-0:9.4.6-1.el5.i386"
},
"product_reference": "acroread-0:9.4.6-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary:acroread-0:9.4.6-1.el6.i686"
},
"product_reference": "acroread-0:9.4.6-1.el6.i686",
"relates_to_product_reference": "6Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el6.i686",
"relates_to_product_reference": "6Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary:acroread-0:9.4.6-1.el6.i686"
},
"product_reference": "acroread-0:9.4.6-1.el6.i686",
"relates_to_product_reference": "6Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el6.i686",
"relates_to_product_reference": "6Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686"
},
"product_reference": "acroread-0:9.4.6-1.el6.i686",
"relates_to_product_reference": "6Workstation-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el6.i686",
"relates_to_product_reference": "6Workstation-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2011-2094",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2095 and CVE-2011-2097.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2094"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2094",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2094"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2094",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2094"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2095",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2094 and CVE-2011-2097.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2095"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2095",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2095"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2096",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2096"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2096",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2096"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2096",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2096"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2097",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2094 and CVE-2011-2095.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2097"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2097"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2097",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2097"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2098",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2099.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2098"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2098",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2098"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2098",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2098"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2099",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2098.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2099"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2099"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2101",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X do not properly restrict script, which allows attackers to execute arbitrary code via a crafted document, related to a \"cross document script execution vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2101"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2101",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2101"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2101",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2101"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2104",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720633"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: Multiple denial of service flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2104"
},
{
"category": "external",
"summary": "RHBZ#720633",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720633"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2104",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2104"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "acroread: Multiple denial of service flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2105",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720633"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted font data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: Multiple denial of service flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2105"
},
{
"category": "external",
"summary": "RHBZ#720633",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720633"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2105",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2105"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "acroread: Multiple denial of service flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2107",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2011-06-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "710981"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a \"universal cross-site scripting vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: Cross-site scripting vulnerability (APSB11-13)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2107"
},
{
"category": "external",
"summary": "RHBZ#710981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=710981"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2107",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2107"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2107",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2107"
}
],
"release_date": "2011-06-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "flash-plugin: Cross-site scripting vulnerability (APSB11-13)"
},
{
"cve": "CVE-2011-2130",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2134, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2130"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2130",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2130"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2130",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2130"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2134",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2134"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2134",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2134"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2134",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2134"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2135",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2140, CVE-2011-2417, and CVE-2011-2425.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2135"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2135",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2135"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2136",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2138 and CVE-2011-2416.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2136"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2136",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2136"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2136",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2136"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2137",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2414, and CVE-2011-2415.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2137"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2137",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2137"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2138",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2416.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2138"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2138",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2138"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2138",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2138"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2139",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2139"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2139",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2139"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2139",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2139"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2140",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2417, and CVE-2011-2425.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2140"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2140",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2140"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2140",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2140"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2414",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2415.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2414"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2414",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2414"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2414",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2414"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2415",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2414.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2415"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2415",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2415"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2415",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2415"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2416",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2416"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2416",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2416"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2416",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2416"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2417",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2425.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2417"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2417",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2417"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2417",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2417"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2424",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by \"about 400 unique crash signatures.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2424"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2424",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2424"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2424",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2424"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2425",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2417.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2425"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2425",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2425"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2426",
"discovery_date": "2011-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "740388"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: critical flaws fixed in APSB11-26",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2426"
},
{
"category": "external",
"summary": "RHBZ#740388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2426"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2426",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2426"
}
],
"release_date": "2011-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: critical flaws fixed in APSB11-26"
},
{
"cve": "CVE-2011-2427",
"discovery_date": "2011-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "740388"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: critical flaws fixed in APSB11-26",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2427"
},
{
"category": "external",
"summary": "RHBZ#740388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2427",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2427"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2427",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2427"
}
],
"release_date": "2011-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: critical flaws fixed in APSB11-26"
},
{
"cve": "CVE-2011-2428",
"discovery_date": "2011-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "740388"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service (browser crash) via unspecified vectors, related to a \"logic error issue.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: critical flaws fixed in APSB11-26",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2428"
},
{
"category": "external",
"summary": "RHBZ#740388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2428",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2428"
}
],
"release_date": "2011-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: critical flaws fixed in APSB11-26"
},
{
"cve": "CVE-2011-2429",
"discovery_date": "2011-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "740204"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, related to a \"security control bypass.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: security control bypass information disclosure fixed in APSB11-26",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2429"
},
{
"category": "external",
"summary": "RHBZ#740204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740204"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2429",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2429"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2429",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2429"
}
],
"release_date": "2011-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "flash-plugin: security control bypass information disclosure fixed in APSB11-26"
},
{
"cve": "CVE-2011-2430",
"discovery_date": "2011-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "740388"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via crafted streaming media, related to a \"logic error vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: critical flaws fixed in APSB11-26",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2430"
},
{
"category": "external",
"summary": "RHBZ#740388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2430",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2430"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2430",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2430"
}
],
"release_date": "2011-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: critical flaws fixed in APSB11-26"
},
{
"cve": "CVE-2011-2431",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a \"security bypass vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2431"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2431",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2431"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2431"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2432",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in the U3D TIFF Resource in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2432"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2432",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2432"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2432",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2432"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2433",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2434 and CVE-2011-2437.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2433"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2433",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2433"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2433",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2433"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2434",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2437.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2434"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2434",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2434"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2434",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2434"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2435",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2435"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2435",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2435"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2435",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2435"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2436",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in the image-parsing library in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2436"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2436",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2436"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2436",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2436"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2437",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2434.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2437"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2437",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2437"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2437",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2437"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2438",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Multiple stack-based buffer overflows in the image-parsing library in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2438"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2438",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2438"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2438",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2438"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2439",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a \"memory leakage condition vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2439"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2439",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2439"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2439",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2439"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2440",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Use-after-free vulnerability in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2440"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2440",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2440"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2440",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2440"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2442",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a \"logic error vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2442"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2442",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2442"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2442",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2442"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2444",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2011-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "740201"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a \"universal cross-site scripting issue,\" as exploited in the wild in September 2011.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2444"
},
{
"category": "external",
"summary": "RHBZ#740201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2444",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2444"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2444",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2444"
}
],
"release_date": "2011-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26"
},
{
"cve": "CVE-2011-4374",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in Adobe Reader 9.x before 9.4.6 on Linux allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-4374"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-4374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4374"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-4374",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4374"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
}
]
}
RHSA-2011:1434
Vulnerability from csaf_redhat
Published
2011-11-08 11:13
Modified
2025-09-26 03:12
Summary
Red Hat Security Advisory: acroread security update
Notes
Topic
Updated acroread packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise
Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
Adobe Reader allows users to view and print documents in Portable Document
Format (PDF).
This update fixes multiple security flaws in Adobe Reader. These flaws are
detailed on the Adobe security page APSB11-24, listed in the References
section. A specially-crafted PDF file could cause Adobe Reader to crash or,
potentially, execute arbitrary code as the user running Adobe Reader when
opened. (CVE-2011-2431, CVE-2011-2432, CVE-2011-2433, CVE-2011-2434,
CVE-2011-2435, CVE-2011-2436, CVE-2011-2437, CVE-2011-2438, CVE-2011-2439,
CVE-2011-2440, CVE-2011-2442)
This update also fixes multiple security flaws in Adobe Flash Player
embedded in Adobe Reader. These flaws are detailed on the Adobe security
pages APSB11-21 and APSB11-26, listed in the References section.
A PDF file with an embedded, specially-crafted SWF file could cause Adobe
Reader to crash or, potentially, execute arbitrary code as the user running
Adobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,
CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,
CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,
CVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)
A flaw in Adobe Flash Player could allow an attacker to conduct cross-site
scripting (XSS) attacks if a victim were tricked into visiting a
specially-crafted web page. (CVE-2011-2444)
This update also fixes an information disclosure flaw in Adobe Flash
Player. (CVE-2011-2429)
All Adobe Reader users should install these updated packages. They contain
Adobe Reader version 9.4.6, which is not vulnerable to these issues. All
running instances of Adobe Reader must be restarted for the update to take
effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated acroread packages that fix multiple security issues are now\navailable for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise\nLinux 5 and 6 Supplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Adobe Reader allows users to view and print documents in Portable Document\nFormat (PDF).\n\nThis update fixes multiple security flaws in Adobe Reader. These flaws are\ndetailed on the Adobe security page APSB11-24, listed in the References\nsection. A specially-crafted PDF file could cause Adobe Reader to crash or,\npotentially, execute arbitrary code as the user running Adobe Reader when\nopened. (CVE-2011-2431, CVE-2011-2432, CVE-2011-2433, CVE-2011-2434,\nCVE-2011-2435, CVE-2011-2436, CVE-2011-2437, CVE-2011-2438, CVE-2011-2439,\nCVE-2011-2440, CVE-2011-2442)\n\nThis update also fixes multiple security flaws in Adobe Flash Player\nembedded in Adobe Reader. These flaws are detailed on the Adobe security\npages APSB11-21 and APSB11-26, listed in the References section.\n\nA PDF file with an embedded, specially-crafted SWF file could cause Adobe\nReader to crash or, potentially, execute arbitrary code as the user running\nAdobe Reader when opened. (CVE-2011-2130, CVE-2011-2134, CVE-2011-2135,\nCVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140,\nCVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2424,\nCVE-2011-2425, CVE-2011-2426, CVE-2011-2427, CVE-2011-2428, CVE-2011-2430)\n\nA flaw in Adobe Flash Player could allow an attacker to conduct cross-site\nscripting (XSS) attacks if a victim were tricked into visiting a\nspecially-crafted web page. (CVE-2011-2444)\n\nThis update also fixes an information disclosure flaw in Adobe Flash\nPlayer. (CVE-2011-2429)\n\nAll Adobe Reader users should install these updated packages. They contain\nAdobe Reader version 9.4.6, which is not vulnerable to these issues. All\nrunning instances of Adobe Reader must be restarted for the update to take\neffect.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2011:1434",
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-24.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-24.html"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-26.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-26.html"
},
{
"category": "external",
"summary": "729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "740201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740201"
},
{
"category": "external",
"summary": "740204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740204"
},
{
"category": "external",
"summary": "740388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740388"
},
{
"category": "external",
"summary": "749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_1434.json"
}
],
"title": "Red Hat Security Advisory: acroread security update",
"tracking": {
"current_release_date": "2025-09-26T03:12:16+00:00",
"generator": {
"date": "2025-09-26T03:12:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.8"
}
},
"id": "RHSA-2011:1434",
"initial_release_date": "2011-11-08T11:13:00+00:00",
"revision_history": [
{
"date": "2011-11-08T11:13:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2011-11-08T11:13:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-09-26T03:12:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 4 Extras",
"product": {
"name": "Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product": {
"name": "Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:4"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.6-1.el4.i386",
"product": {
"name": "acroread-plugin-0:9.4.6-1.el4.i386",
"product_id": "acroread-plugin-0:9.4.6-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.6-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-0:9.4.6-1.el4.i386",
"product": {
"name": "acroread-0:9.4.6-1.el4.i386",
"product_id": "acroread-0:9.4.6-1.el4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.6-1.el4?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.6-1.el5.i386",
"product": {
"name": "acroread-plugin-0:9.4.6-1.el5.i386",
"product_id": "acroread-plugin-0:9.4.6-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.6-1.el5?arch=i386"
}
}
},
{
"category": "product_version",
"name": "acroread-0:9.4.6-1.el5.i386",
"product": {
"name": "acroread-0:9.4.6-1.el5.i386",
"product_id": "acroread-0:9.4.6-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.6-1.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "acroread-0:9.4.6-1.el6.i686",
"product": {
"name": "acroread-0:9.4.6-1.el6.i686",
"product_id": "acroread-0:9.4.6-1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread@9.4.6-1.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "acroread-plugin-0:9.4.6-1.el6.i686",
"product": {
"name": "acroread-plugin-0:9.4.6-1.el6.i686",
"product_id": "acroread-plugin-0:9.4.6-1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/acroread-plugin@9.4.6-1.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el4.i386 as a component of Red Hat Enterprise Linux AS version 4 Extras",
"product_id": "4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4AS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el4.i386 as a component of Red Hat Desktop version 4 Extras",
"product_id": "4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4Desktop-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el4.i386 as a component of Red Hat Enterprise Linux ES version 4 Extras",
"product_id": "4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4ES-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el4.i386 as a component of Red Hat Enterprise Linux WS version 4 Extras",
"product_id": "4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el4.i386",
"relates_to_product_reference": "4WS-LACD"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-0:9.4.6-1.el5.i386"
},
"product_reference": "acroread-0:9.4.6-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-0:9.4.6-1.el5.i386"
},
"product_reference": "acroread-0:9.4.6-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary:acroread-0:9.4.6-1.el6.i686"
},
"product_reference": "acroread-0:9.4.6-1.el6.i686",
"relates_to_product_reference": "6Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el6.i686",
"relates_to_product_reference": "6Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary:acroread-0:9.4.6-1.el6.i686"
},
"product_reference": "acroread-0:9.4.6-1.el6.i686",
"relates_to_product_reference": "6Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el6.i686",
"relates_to_product_reference": "6Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-0:9.4.6-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686"
},
"product_reference": "acroread-0:9.4.6-1.el6.i686",
"relates_to_product_reference": "6Workstation-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "acroread-plugin-0:9.4.6-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
},
"product_reference": "acroread-plugin-0:9.4.6-1.el6.i686",
"relates_to_product_reference": "6Workstation-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2011-2094",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2095 and CVE-2011-2097.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2094"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2094",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2094"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2094",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2094"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2095",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2094 and CVE-2011-2097.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2095"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2095",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2095"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2096",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2096"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2096",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2096"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2096",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2096"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2097",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2094 and CVE-2011-2095.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2097"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2097"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2097",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2097"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2098",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2099.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2098"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2098",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2098"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2098",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2098"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2099",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2098.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2099"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2099"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2101",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720622"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X do not properly restrict script, which allows attackers to execute arbitrary code via a crafted document, related to a \"cross document script execution vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2101"
},
{
"category": "external",
"summary": "RHBZ#720622",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720622"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2101",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2101"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2101",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2101"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2104",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720633"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: Multiple denial of service flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2104"
},
{
"category": "external",
"summary": "RHBZ#720633",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720633"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2104",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2104"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "acroread: Multiple denial of service flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2105",
"discovery_date": "2011-06-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "720633"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted font data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: Multiple denial of service flaws (APSB11-16)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2105"
},
{
"category": "external",
"summary": "RHBZ#720633",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720633"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2105",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2105"
}
],
"release_date": "2011-06-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "acroread: Multiple denial of service flaws (APSB11-16)"
},
{
"cve": "CVE-2011-2107",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2011-06-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "710981"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a \"universal cross-site scripting vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: Cross-site scripting vulnerability (APSB11-13)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2107"
},
{
"category": "external",
"summary": "RHBZ#710981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=710981"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2107",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2107"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2107",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2107"
}
],
"release_date": "2011-06-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "flash-plugin: Cross-site scripting vulnerability (APSB11-13)"
},
{
"cve": "CVE-2011-2130",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2134, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2130"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2130",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2130"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2130",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2130"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2134",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2134"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2134",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2134"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2134",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2134"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2135",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2140, CVE-2011-2417, and CVE-2011-2425.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2135"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2135",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2135"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2135",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2135"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2136",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2138 and CVE-2011-2416.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2136"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2136",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2136"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2136",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2136"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2137",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2414, and CVE-2011-2415.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2137"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2137",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2137"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2138",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2416.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2138"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2138",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2138"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2138",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2138"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2139",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2139"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2139",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2139"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2139",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2139"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2140",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2417, and CVE-2011-2425.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2140"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2140",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2140"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2140",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2140"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2414",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2415.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2414"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2414",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2414"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2414",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2414"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2415",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2414.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2415"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2415",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2415"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2415",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2415"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2416",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2416"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2416",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2416"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2416",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2416"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2417",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2425.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2417"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2417",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2417"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2417",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2417"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2424",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by \"about 400 unique crash signatures.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2424"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2424",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2424"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2424",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2424"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2425",
"discovery_date": "2011-08-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "729497"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2417.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2425"
},
{
"category": "external",
"summary": "RHBZ#729497",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=729497"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2425",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2425"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-21.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-21.html"
}
],
"release_date": "2011-08-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)"
},
{
"cve": "CVE-2011-2426",
"discovery_date": "2011-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "740388"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: critical flaws fixed in APSB11-26",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2426"
},
{
"category": "external",
"summary": "RHBZ#740388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2426"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2426",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2426"
}
],
"release_date": "2011-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: critical flaws fixed in APSB11-26"
},
{
"cve": "CVE-2011-2427",
"discovery_date": "2011-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "740388"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: critical flaws fixed in APSB11-26",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2427"
},
{
"category": "external",
"summary": "RHBZ#740388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2427",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2427"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2427",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2427"
}
],
"release_date": "2011-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: critical flaws fixed in APSB11-26"
},
{
"cve": "CVE-2011-2428",
"discovery_date": "2011-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "740388"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service (browser crash) via unspecified vectors, related to a \"logic error issue.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: critical flaws fixed in APSB11-26",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2428"
},
{
"category": "external",
"summary": "RHBZ#740388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2428",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2428"
}
],
"release_date": "2011-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: critical flaws fixed in APSB11-26"
},
{
"cve": "CVE-2011-2429",
"discovery_date": "2011-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "740204"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, related to a \"security control bypass.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: security control bypass information disclosure fixed in APSB11-26",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2429"
},
{
"category": "external",
"summary": "RHBZ#740204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740204"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2429",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2429"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2429",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2429"
}
],
"release_date": "2011-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "flash-plugin: security control bypass information disclosure fixed in APSB11-26"
},
{
"cve": "CVE-2011-2430",
"discovery_date": "2011-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "740388"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via crafted streaming media, related to a \"logic error vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: critical flaws fixed in APSB11-26",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2430"
},
{
"category": "external",
"summary": "RHBZ#740388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2430",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2430"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2430",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2430"
}
],
"release_date": "2011-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: critical flaws fixed in APSB11-26"
},
{
"cve": "CVE-2011-2431",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a \"security bypass vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2431"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2431",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2431"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2431"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2432",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in the U3D TIFF Resource in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2432"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2432",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2432"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2432",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2432"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2433",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2434 and CVE-2011-2437.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2433"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2433",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2433"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2433",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2433"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2434",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2437.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2434"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2434",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2434"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2434",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2434"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2435",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2435"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2435",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2435"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2435",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2435"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2436",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in the image-parsing library in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2436"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2436",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2436"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2436",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2436"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2437",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2434.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2437"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2437",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2437"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2437",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2437"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2438",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Multiple stack-based buffer overflows in the image-parsing library in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2438"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2438",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2438"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2438",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2438"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2439",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a \"memory leakage condition vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2439"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2439",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2439"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2439",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2439"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2440",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Use-after-free vulnerability in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2440"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2440",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2440"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2440",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2440"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2442",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a \"logic error vulnerability.\"",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2442"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2442",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2442"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2442",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2442"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
},
{
"cve": "CVE-2011-2444",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2011-09-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "740201"
}
],
"notes": [
{
"category": "description",
"text": "Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a \"universal cross-site scripting issue,\" as exploited in the wild in September 2011.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2444"
},
{
"category": "external",
"summary": "RHBZ#740201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=740201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2444",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2444"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2444",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2444"
}
],
"release_date": "2011-09-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26"
},
{
"cve": "CVE-2011-4374",
"discovery_date": "2011-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "749381"
}
],
"notes": [
{
"category": "description",
"text": "Integer overflow in Adobe Reader 9.x before 9.4.6 on Linux allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "acroread: multiple code execution flaws (APSB11-24)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-4374"
},
{
"category": "external",
"summary": "RHBZ#749381",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=749381"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-4374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4374"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-4374",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-4374"
}
],
"release_date": "2011-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-08T11:13:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1434"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"4AS-LACD:acroread-0:9.4.6-1.el4.i386",
"4AS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-0:9.4.6-1.el4.i386",
"4Desktop-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-0:9.4.6-1.el4.i386",
"4ES-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-0:9.4.6-1.el4.i386",
"4WS-LACD:acroread-plugin-0:9.4.6-1.el4.i386",
"5Client-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Client-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-0:9.4.6-1.el5.i386",
"5Server-Supplementary:acroread-plugin-0:9.4.6-1.el5.i386",
"6Client-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Client-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Server-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-0:9.4.6-1.el6.i686",
"6Workstation-Supplementary:acroread-plugin-0:9.4.6-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "acroread: multiple code execution flaws (APSB11-24)"
}
]
}
CERTA-2011-ALE-003
Vulnerability from certfr_alerte
Une vulnérabilité permettant l'exécution de code arbitraire à distance affecte des produits Adobe. Elle est actuellement activement exploitée. L'éditeur a publié les correctifs pour toutes les versions concernées.
Description
Des produits Adobe sont vulnérables à une faille permettant à une personne malintentionnée d'exécuter du code arbitraire à distance.
L'éditeur rapporte que cette vulnérabilité est actuellement exploitée sur l'Internet, en particulier via des documents Microsoft Word spécialement conçus.
Mise à jour du 14 avril 2011 : l'éditeur annonce les dates de mise à disposition de correctifs suivantes :
- 15 avril 2011 pour Adobe Flash Player 10.2.x (tous les systèmes d'exploitation) ;
- semaine du 25 avril 2011 pour Adobe Reader 9.x, pour Windows et MacOS ;
- semaine du 25 avril pour Adobe Reader X (10.0.1) pour MacOS ;
- 14 juin 2011 pour Adobe Reader X (10.0.2) pour Windows.
Contournement provisoire
Il est possible de supprimer ou interdire l'accès à la DLL authplay.dll. Le Protected Mode inclus dans Adobe Reader X réduit les risques d'exploitation de la vulnérabilité.
Il est également recommandé d'utiliser un logiciel alternatif et à jour en attendant la publication du correctif.
Solution
Se référer aux bulletins de sécurité APSB11-07 et APSB11-16 (APSB11-16 inclut les corrections pour les vulnérabilités décrites dans les bulletins APSB11-06 et APSB11-08) de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | Acrobat | le composant authplay.dll contenu dans les versions 10.0.2 et antérieures de Adobe Acrobat et Reader pour les systèmes Windows et Macintosh. | ||
| Adobe | Acrobat | Adobe Flash Player 10.2.154.25 et antérieures pour les utilisateurs de Chrome ; | ||
| Adobe | Acrobat | Adobe Flash Player 10.2.153.1 et antérieures sur les systèmes Microsoft Windows, Linux et Oracle Solaris ; | ||
| Adobe | Acrobat | Adobe AIR versions 2.6.19120 et antérieures ; | ||
| Adobe | Acrobat | Adobe Flash Player 10.1.156.12 et antérieures sur les systèmes Android ; |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "le composant authplay.dll contenu dans les versions 10.0.2 et ant\u00e9rieures de Adobe Acrobat et Reader pour les syst\u00e8mes Windows et Macintosh.",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Flash Player 10.2.154.25 et ant\u00e9rieures pour les utilisateurs de Chrome ;",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Flash Player 10.2.153.1 et ant\u00e9rieures sur les syst\u00e8mes Microsoft Windows, Linux et Oracle Solaris ;",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe AIR versions 2.6.19120 et ant\u00e9rieures ;",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Flash Player 10.1.156.12 et ant\u00e9rieures sur les syst\u00e8mes Android ;",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"closed_at": "2011-06-20",
"content": "## Description\n\nDes produits Adobe sont vuln\u00e9rables \u00e0 une faille permettant \u00e0 une\npersonne malintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n\nL\u0027\u00e9diteur rapporte que cette vuln\u00e9rabilit\u00e9 est actuellement exploit\u00e9e\nsur l\u0027Internet, en particulier via des documents Microsoft Word\nsp\u00e9cialement con\u00e7us.\n\n \n \n\n\u003cspan class=\"textbf\"\u003eMise \u00e0 jour du 14 avril 2011\u003c/span\u003e\u00a0: l\u0027\u00e9diteur\nannonce les dates de mise \u00e0 disposition de correctifs suivantes\u00a0:\n\n- 15 avril 2011 pour Adobe Flash Player 10.2.x (tous les syst\u00e8mes\n d\u0027exploitation)\u00a0;\n- semaine du 25 avril 2011 pour Adobe Reader 9.x, pour Windows et\n MacOS\u00a0;\n- semaine du 25 avril pour Adobe Reader X (10.0.1) pour MacOS\u00a0;\n- 14 juin 2011 pour Adobe Reader X (10.0.2) pour Windows.\n\n## Contournement provisoire\n\nIl est possible de supprimer ou interdire l\u0027acc\u00e8s \u00e0 la DLL authplay.dll.\nLe Protected Mode inclus dans Adobe Reader X r\u00e9duit les risques\nd\u0027exploitation de la vuln\u00e9rabilit\u00e9.\n\nIl est \u00e9galement recommand\u00e9 d\u0027utiliser un logiciel alternatif et \u00e0 jour\nen attendant la publication du correctif. \n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 APSB11-07 et APSB11-16 (APSB11-16\ninclut les corrections pour les vuln\u00e9rabilit\u00e9s d\u00e9crites dans les\nbulletins APSB11-06 et APSB11-08) de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2097"
},
{
"name": "CVE-2011-0610",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0610"
},
{
"name": "CVE-2011-0611",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0611"
},
{
"name": "CVE-2011-2096",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2096"
},
{
"name": "CVE-2011-2105",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2105"
},
{
"name": "CVE-2011-2102",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2102"
},
{
"name": "CVE-2011-2100",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2100"
},
{
"name": "CVE-2011-2104",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2104"
},
{
"name": "CVE-2011-2103",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2103"
},
{
"name": "CVE-2011-2106",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2106"
},
{
"name": "CVE-2011-2101",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2101"
},
{
"name": "CVE-2011-2098",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2098"
},
{
"name": "CVE-2011-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2099"
},
{
"name": "CVE-2011-2094",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2094"
},
{
"name": "CVE-2011-2095",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2095"
}
],
"initial_release_date": "2011-04-12T00:00:00",
"last_revision_date": "2011-06-20T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB11-07 du 15 avril 2011 :",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-07.html"
},
{
"title": "Avis de s\u00e9curit\u00e9 du CERTA CERTA-2011-AVI-342 du 15 juin 2011 :",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2011-AVI-342/index.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB11-16 du 14 juin 2011 :",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html"
},
{
"title": "Avis de s\u00e9curit\u00e9 du CERTA CERTA-2011-AVI-250 du 22 avril 2011 :",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2011-AVI-250/index.html"
},
{
"title": "Avis de s\u00e9curit\u00e9 du CERTA CERTA-2011-AVI-234 du 19 avril 2011 :",
"url": "http://www.certa.ssi.gouv.fr/site/CERTA-2011-AVI-234/index.html"
},
{
"title": "Notes de version Google Chrome :",
"url": "http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB11-08 du 21 avril 2011 :",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-08.html"
},
{
"title": "Bulletin d\u0027alerte Adobe APSA11-02 du 11 avril 2011 :",
"url": "http://www.adobe.com/support/security/advisories/apsa11-02.html"
}
],
"reference": "CERTA-2011-ALE-003",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-04-12T00:00:00.000000"
},
{
"description": "annonce des dates de publication des correctifs.",
"revision_date": "2011-04-14T00:00:00.000000"
},
{
"description": "ajout du correctif Google Chrome.",
"revision_date": "2011-04-15T00:00:00.000000"
},
{
"description": "ajout du bulletin de s\u00e9curit\u00e9 Adobe APSB11-07, de Adobe AIR dans les produits vuln\u00e9rables et de la solution partielle.",
"revision_date": "2011-04-19T00:00:00.000000"
},
{
"description": "ajout du bulletin de s\u00e9curit\u00e9 Adobe APSB11-08, et des corrections Adobe Reader et Acrobat dans la solution partielle.",
"revision_date": "2011-04-22T00:00:00.000000"
},
{
"description": "ajout du bulletin de s\u00e9curit\u00e9 Adobe APSB11-16 proposant l\u0027ensemble des correctifs pour Adobe Reader et Acrobat.",
"revision_date": "2011-06-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 permettant l\u0027ex\u00e9cution de code arbitraire \u00e0 distance\naffecte des produits Adobe. Elle est actuellement activement exploit\u00e9e.\nL\u0027\u00e9diteur a publi\u00e9 les correctifs pour toutes les versions concern\u00e9es.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Adobe Flash Player, Adobe Reader et Acrobat",
"vendor_advisories": [
{
"published_at": null,
"title": "Alerte de s\u00e9curit\u00e9 Adobe APSA11-02 du 11 avril 2011",
"url": null
}
]
}
CERTA-2011-AVI-342
Vulnerability from certfr_avis
De multiples vulnérabilités ont été corrigées dans les produits Adobe Acrobat et Reader. Une large partie d'entre elles permettent à un attaquant de provoquer l'arrêt inopiné de l'application, et pourraient mener à l'exécution de code arbitraire à distance.
Description
La mise à jour corrige 13 vulnérabilités dans les produits Adobe Acrobat et Reader:
- quatre d'entre elles permettraient à un attaquant de réaliser l'exécution de code à distance par le biais de dépassement de mémoire tampon (CVE-2011-2094, CVE-2011-2095, CVE-2011-2097) et d'un débordement de tas (CVE-2011-2096) ;
- deux permettraient l'exécution de code arbitraire à distance par corruption de la mémoire (CVE-2011-2098, CVE-2011-2099), une troisième n'affecte que les versions 8.x (CVE-2011-2103) et une quatrième n'affecte que les versions Macintosh des deux produits (CVE-2011-2106) ;
- une erreur dans le chargement de DLL permet l'exécution de code arbitraire à distance (CVE-2011-2100) ;
- certaines entrées ne sont pas suffisamment validées et permettent l'exécution de code par rebond (CVE-2011-2101) ;
- une vulnérabilité non spécifiée n'affectant que les versions 10.x permet le contournement de certaines restrictions (CVE-2011-2102) ;
- deux corruptions de mémoire entrainant une fermeture inopinée ont enfin été corrigées (CVE-2011-2104 et CVE-2011-2105).
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Adobe | Acrobat | Adobe Reader X pour Macintosh, versions 10.x jusqu'à 10.0.3 inclue ; | ||
| Adobe | Acrobat | Adobe Acrobat X pour Windows et Macintosh, versions 10.x jusqu'à 10.0.3 inclue ; | ||
| Adobe | Acrobat | Adobe Reader X pour Windows, versions 10.x jusqu'à 10.0.1 inclue ; | ||
| Adobe | Acrobat | Adobe Reader 9 pour Windows et Macintosh, versions 9.x jusqu'à 9.4.4 inclue ; | ||
| Adobe | Acrobat | Adobe Acrobat 9 pour Windows et Macintosh, versions 9.x jusqu'à 9.4.4 inclue ; | ||
| Adobe | Acrobat | Adobe Acrobat 8 pour Windows et Macintosh, versions 8.x jusqu'à 8.2.6 inclue. | ||
| Adobe | Acrobat | Adobe Reader 8 pour Windows et Macintosh, versions 8.x jusqu'à 8.2.6 inclue ; |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Adobe Reader X pour Macintosh, versions 10.x jusqu\u0027\u00e0 10.0.3 inclue ;",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Acrobat X pour Windows et Macintosh, versions 10.x jusqu\u0027\u00e0 10.0.3 inclue ;",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Reader X pour Windows, versions 10.x jusqu\u0027\u00e0 10.0.1 inclue ;",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Reader 9 pour Windows et Macintosh, versions 9.x jusqu\u0027\u00e0 9.4.4 inclue ;",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Acrobat 9 pour Windows et Macintosh, versions 9.x jusqu\u0027\u00e0 9.4.4 inclue ;",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Acrobat 8 pour Windows et Macintosh, versions 8.x jusqu\u0027\u00e0 8.2.6 inclue.",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Reader 8 pour Windows et Macintosh, versions 8.x jusqu\u0027\u00e0 8.2.6 inclue ;",
"product": {
"name": "Acrobat",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nLa mise \u00e0 jour corrige 13 vuln\u00e9rabilit\u00e9s dans les produits Adobe Acrobat\net Reader:\n\n- quatre d\u0027entre elles permettraient \u00e0 un attaquant de r\u00e9aliser\n l\u0027ex\u00e9cution de code \u00e0 distance par le biais de d\u00e9passement de\n m\u00e9moire tampon (CVE-2011-2094, CVE-2011-2095, CVE-2011-2097) et d\u0027un\n d\u00e9bordement de tas (CVE-2011-2096) ;\n- deux permettraient l\u0027ex\u00e9cution de code arbitraire \u00e0 distance par\n corruption de la m\u00e9moire (CVE-2011-2098, CVE-2011-2099), une\n troisi\u00e8me n\u0027affecte que les versions 8.x (CVE-2011-2103) et une\n quatri\u00e8me n\u0027affecte que les versions Macintosh des deux produits\n (CVE-2011-2106) ;\n- une erreur dans le chargement de DLL permet l\u0027ex\u00e9cution de code\n arbitraire \u00e0 distance (CVE-2011-2100) ;\n- certaines entr\u00e9es ne sont pas suffisamment valid\u00e9es et permettent\n l\u0027ex\u00e9cution de code par rebond (CVE-2011-2101) ;\n- une vuln\u00e9rabilit\u00e9 non sp\u00e9cifi\u00e9e n\u0027affectant que les versions 10.x\n permet le contournement de certaines restrictions (CVE-2011-2102) ;\n- deux corruptions de m\u00e9moire entrainant une fermeture inopin\u00e9e ont\n enfin \u00e9t\u00e9 corrig\u00e9es (CVE-2011-2104 et CVE-2011-2105).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-2094",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2094"
},
{
"name": "CVE-2011-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2099"
},
{
"name": "CVE-2011-2104",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2104"
},
{
"name": "CVE-2011-2095",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2095"
},
{
"name": "CVE-2011-2101",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2101"
},
{
"name": "CVE-2011-2096",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2096"
},
{
"name": "CVE-2011-2105",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2105"
},
{
"name": "CVE-2011-2100",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2100"
},
{
"name": "CVE-2011-2102",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2102"
},
{
"name": "CVE-2011-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2097"
},
{
"name": "CVE-2011-2106",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2106"
},
{
"name": "CVE-2011-2103",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2103"
},
{
"name": "CVE-2011-2098",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2098"
}
],
"initial_release_date": "2011-06-15T00:00:00",
"last_revision_date": "2011-06-15T00:00:00",
"links": [],
"reference": "CERTA-2011-AVI-342",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-06-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits Adobe\nAcrobat et Reader. Une large partie d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer l\u0027arr\u00eat inopin\u00e9 de l\u0027application, et pourraient\nmener \u00e0 l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Reader et Acrobat",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb11-16 du 15 juin 2011",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-16.html"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…