Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2424

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-2424
Last Modified 02 Nov 2013 11:14:43
Published 15 Aug 2011 05:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2424

Summary

Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by "about 400 unique crash signatures."

Vulnerable Systems

Application

  • Adobe Air 1.0

  • Adobe Air 1.1

  • Adobe Air 1.5

  • Adobe Air 1.5.2

  • Adobe Air 1.5.3

  • Adobe Air 2.0.2

  • Adobe Air 2.0.3

  • Adobe Air 2.0.4

  • Adobe Air 2.6

  • Adobe Air 2.7

  • Adobe Air 2.7.1

  • Adobe Flash Player 10.0.0.584

  • Adobe Flash Player 10.0.12.10

  • Adobe Flash Player 10.0.12.36

  • Adobe Flash Player 10.0.15.3

  • Adobe Flash Player 10.0.22.87

  • Adobe Flash Player 10.0.32.18

  • Adobe Flash Player 10.0.42.34

  • Adobe Flash Player 10.0.45.2

  • Adobe Flash Player 10.1.102.64

  • Adobe Flash Player 10.1.105.6

  • Adobe Flash Player 10.1.106.16

  • Adobe Flash Player 10.1.52.14.1

  • Adobe Flash Player 10.1.52.15

  • Adobe Flash Player 10.1.53.64

  • Adobe Flash Player 10.1.82.76

  • Adobe Flash Player 10.1.85.3

  • Adobe Flash Player 10.1.92.10

  • Adobe Flash Player 10.1.92.8

  • Adobe Flash Player 10.1.95.1

  • Adobe Flash Player 10.1.95.2

  • Adobe Flash Player 10.2.152

  • Adobe Flash Player 10.2.152.32

  • Adobe Flash Player 10.2.152.33

  • Adobe Flash Player 10.2.154.13

  • Adobe Flash Player 10.2.154.25

  • Adobe Flash Player 10.2.156.12

  • Adobe Flash Player 10.2.157.51

  • Adobe Flash Player 10.2.159.1

  • Adobe Flash Player 10.3.181.14

  • Adobe Flash Player 10.3.181.16

  • Adobe Flash Player 10.3.181.23

  • Adobe Flash Player 10.3.181.34

  • Adobe Flash Player 10.3.181.36

  • Adobe Flash Player 10.3.185.21

  • Adobe Flash Player 10.3.185.23

  • Adobe Flash Player 10.3.185.25

  • Adobe Flash Player 6.0.21.0

  • Adobe Flash Player 6.0.79

  • Adobe Flash Player 7

  • Adobe Flash Player 7.0

  • Adobe Flash Player 7.0.1

  • Adobe Flash Player 7.0.14.0

  • Adobe Flash Player 7.0.19.0

  • Adobe Flash Player 7.0.24.0

  • Adobe Flash Player 7.0.25

  • Adobe Flash Player 7.0.53.0

  • Adobe Flash Player 7.0.60.0

  • Adobe Flash Player 7.0.61.0

  • Adobe Flash Player 7.0.63

  • Adobe Flash Player 7.0.66.0

  • Adobe Flash Player 7.0.67.0

  • Adobe Flash Player 7.0.68.0

  • Adobe Flash Player 7.0.69.0

  • Adobe Flash Player 7.0.70.0

  • Adobe Flash Player 7.0.73.0

  • Adobe Flash Player 7.1

  • Adobe Flash Player 7.1.1

  • Adobe Flash Player 7.2

  • Adobe Flash Player 8

  • Adobe Flash Player 8.0

  • Adobe Flash Player 8.0.22.0

  • Adobe Flash Player 8.0.24.0

  • Adobe Flash Player 8.0.33.0

  • Adobe Flash Player 8.0.34.0

  • Adobe Flash Player 8.0.35.0

  • Adobe Flash Player 8.0.39.0

  • Adobe Flash Player 8.0.42.0

  • Adobe Flash Player 9

  • Adobe Flash Player 9.0.112.0

  • Adobe Flash Player 9.0.114.0

  • Adobe Flash Player 9.0.115.0

  • Adobe Flash Player 9.0.124.0

  • Adobe Flash Player 9.0.125.0

  • Adobe Flash Player 9.0.151.0

  • Adobe Flash Player 9.0.152.0

  • Adobe Flash Player 9.0.155.0

  • Adobe Flash Player 9.0.159.0

  • Adobe Flash Player 9.0.16

  • Adobe Flash Player 9.0.18d60

  • Adobe Flash Player 9.0.20

  • Adobe Flash Player 9.0.20.0

  • Adobe Flash Player 9.0.246.0

  • Adobe Flash Player 9.0.260.0

  • Adobe Flash Player 9.0.262.0

  • Adobe Flash Player 9.0.277.0

  • Adobe Flash Player 9.0.28

  • Adobe Flash Player 9.0.28.0

  • Adobe Flash Player 9.0.283.0

  • Adobe Flash Player 9.0.31

  • Adobe Flash Player 9.0.31.0

  • Adobe Flash Player 9.0.45.0

  • Adobe Flash Player 9.0.47.0

  • Adobe Flash Player 9.0.48.0

  • Adobe Flash Player 9.125.0


References

CERT - TA11-222A

CONFIRM - http://www.adobe.com/support/security/bulletins/apsb11-21.html

REDHAT - RHSA-2011:1144

MISC - http://twitter.com/taviso/statuses/101046396790128640

MISC - http://twitter.com/taviso/statuses/101046246277521409

MISC - http://googleonlinesecurity.blogspot.com/2011/08/fuzzing-at-scale.html

CONFIRM - http://blogs.adobe.com/asset/2011/08/how-did-you-get-to-that-number.html

Related Patches

Adobe APSB11-21 AIR 2.7.1.19610 for Windows (Update) (All Languages)

Adobe APSB11-21 Flash Player 10.3.183.5 (Internet Explorer) for Windows (Update) (All Languages)

Adobe APSB11-21 Flash Player 10.3.183.7 (Other Browsers) for Windows (Update) (All Languages)

Adobe APSB11-21 Flash Player 10.3.183.7 (Internet Explorer) for Windows (Update) (All Languages)

Adobe APSB11-21 Flash Player 10.3.183.5 (Other Browsers) for Windows (Update) (All Languages)

Adobe APSB11-21 Flash Player 10.3.183.5 for Mac OS X (Update)


Last Updated: 27 May 2016 10:57:01