9.3

CVE-2011-0559

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeFlash Player Version <= 10.2.152
AdobeFlash Player Version6.0.21.0
AdobeFlash Player Version6.0.79
AdobeFlash Player Version7.0
AdobeFlash Player Version7.0.1
AdobeFlash Player Version7.0.14.0
AdobeFlash Player Version7.0.19.0
AdobeFlash Player Version7.0.24.0
AdobeFlash Player Version7.0.25
AdobeFlash Player Version7.0.53.0
AdobeFlash Player Version7.0.60.0
AdobeFlash Player Version7.0.61.0
AdobeFlash Player Version7.0.63
AdobeFlash Player Version7.0.66.0
AdobeFlash Player Version7.0.67.0
AdobeFlash Player Version7.0.68.0
AdobeFlash Player Version7.0.69.0
AdobeFlash Player Version7.0.70.0
AdobeFlash Player Version7.0.73.0
AdobeFlash Player Version7.1
AdobeFlash Player Version7.1.1
AdobeFlash Player Version7.2
AdobeFlash Player Version8.0
AdobeFlash Player Version8.0.22.0
AdobeFlash Player Version8.0.24.0
AdobeFlash Player Version8.0.33.0
AdobeFlash Player Version8.0.34.0
AdobeFlash Player Version8.0.35.0
AdobeFlash Player Version8.0.39.0
AdobeFlash Player Version8.0.42.0
AdobeFlash Player Version9.0
AdobeFlash Player Version9.0.16
AdobeFlash Player Version9.0.18d60
AdobeFlash Player Version9.0.20
AdobeFlash Player Version9.0.20.0
AdobeFlash Player Version9.0.28
AdobeFlash Player Version9.0.28.0
AdobeFlash Player Version9.0.31
AdobeFlash Player Version9.0.31.0
AdobeFlash Player Version9.0.45.0
AdobeFlash Player Version9.0.47.0
AdobeFlash Player Version9.0.48.0
AdobeFlash Player Version9.0.112.0
AdobeFlash Player Version9.0.114.0
AdobeFlash Player Version9.0.115.0
AdobeFlash Player Version9.0.124.0
AdobeFlash Player Version9.0.125.0
AdobeFlash Player Version9.0.151.0
AdobeFlash Player Version9.0.152.0
AdobeFlash Player Version9.0.155.0
AdobeFlash Player Version9.0.159.0
AdobeFlash Player Version9.0.246.0
AdobeFlash Player Version9.0.260.0
AdobeFlash Player Version9.0.262.0
AdobeFlash Player Version9.0.277.0
AdobeFlash Player Version9.0.283.0
AdobeFlash Player Version9.125.0
AdobeFlash Player Version10.0.0.584
AdobeFlash Player Version10.0.12.10
AdobeFlash Player Version10.0.12.36
AdobeFlash Player Version10.0.15.3
AdobeFlash Player Version10.0.22.87
AdobeFlash Player Version10.0.32.18
AdobeFlash Player Version10.0.42.34
AdobeFlash Player Version10.0.45.2
AdobeFlash Player Version10.1.52.14.1
AdobeFlash Player Version10.1.52.15
AdobeFlash Player Version10.1.53.64
AdobeFlash Player Version10.1.82.76
AdobeFlash Player Version10.1.85.3
AdobeFlash Player Version10.1.92.8
AdobeFlash Player Version10.1.92.10
AdobeFlash Player Version10.1.95.1
AdobeFlash Player Version10.1.95.2
AdobeFlash Player Version10.1.102.64
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.24% 0.915
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00003.html
http://secunia.com/advisories/43267
http://secunia.com/advisories/43292
http://secunia.com/advisories/43340
http://secunia.com/advisories/43351
http://secunia.com/advisories/43747
http://www.adobe.com/support/security/bulletins/apsb11-02.html
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-0206.html
http://www.redhat.com/support/errata/RHSA-2011-0259.html
http://www.redhat.com/support/errata/RHSA-2011-0368.html
http://www.securitytracker.com/id?1025055
http://www.vupen.com/english/advisories/2011/0348
http://www.vupen.com/english/advisories/2011/0383
http://www.vupen.com/english/advisories/2011/0402
http://www.vupen.com/english/advisories/2011/0646
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=894
http://www.securityfocus.com/bid/46186
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14009
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16231