9.3

CVE-2011-0609

Warnung
Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeFlash Player Version <= 10.2.154.13
   ApplemacOS X Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
   OracleSolaris Version-
AdobeFlash Player Version <= 10.1.106.16
   GoogleAndroid Version-
AdobeAcrobat Version >= 9.0 <= 9.4.2
   ApplemacOS X Version-
   MicrosoftWindows Version-
AdobeAcrobat Version10.0
   ApplemacOS X Version-
   MicrosoftWindows Version-
AdobeAcrobat Version10.0.1
   ApplemacOS X Version-
   MicrosoftWindows Version-
AdobeAcrobat Reader Version >= 9.0 <= 9.4.2
   ApplemacOS X Version-
   MicrosoftWindows Version-
AdobeAcrobat Reader Version10.0
   ApplemacOS X Version-
   MicrosoftWindows Version-
AdobeAcrobat Reader Version10.0.1
   ApplemacOS X Version-
   MicrosoftWindows Version-
AdobeAir Version <= 2.5.1
OpensuseOpensuse Version11.2
OpensuseOpensuse Version11.3
OpensuseOpensuse Version11.4
SuseLinux Enterprise Version10.0 Updatesp3
SuseLinux Enterprise Version11.0 Updatesp1
GoogleChrome Version < 10.0.648.134
   ApplemacOS Version-
   GoogleChrome Os Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-

08.06.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Adobe Flash Player Unspecified Vulnerability

Schwachstelle

Adobe Flash Player contains an unspecified vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).

Beschreibung

The impacted product is end-of-life and should be disconnected if still in use.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 66.82% 0.992
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
Third Party Advisory
Mailing List
http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html
Broken Link
http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.html
Third Party Advisory
http://secunia.com/advisories/43751
Broken Link
http://secunia.com/advisories/43757
Broken Link
http://secunia.com/advisories/43772
Broken Link
http://secunia.com/advisories/43856
Broken Link
http://securityreason.com/securityalert/8152
Broken Link
http://www.adobe.com/support/security/advisories/apsa11-01.html
Vendor Advisory
http://www.adobe.com/support/security/bulletins/apsb11-06.html
Not Applicable
http://www.kb.cert.org/vuls/id/192052
Third Party Advisory
US Government Resource
http://www.redhat.com/support/errata/RHSA-2011-0372.html
Broken Link
http://www.securityfocus.com/bid/46860
Third Party Advisory
Broken Link
VDB Entry
http://www.securitytracker.com/id?1025210
Third Party Advisory
Broken Link
VDB Entry
http://www.securitytracker.com/id?1025211
Third Party Advisory
Broken Link
VDB Entry
http://www.securitytracker.com/id?1025238
Third Party Advisory
Broken Link
VDB Entry
http://www.vupen.com/english/advisories/2011/0655
Broken Link
http://www.vupen.com/english/advisories/2011/0656
Broken Link
http://www.vupen.com/english/advisories/2011/0688
Broken Link
http://www.vupen.com/english/advisories/2011/0732
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/66078
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14147
Broken Link
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2011-0609
US Government Resource