4.3
CVE-2011-2107
- EPSS 1.08%
- Published 09.06.2011 02:38:36
- Last modified 11.04.2025 00:51:21
- Source psirt@adobe.com
- Teams watchlist Login
- Open Login
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "universal cross-site scripting vulnerability."
Data is provided by the National Vulnerability Database (NVD)
Adobe ≫ Flash Player Version <= 10.3.181.16
Adobe ≫ Flash Player Version6.0.21.0
Adobe ≫ Flash Player Version6.0.79
Adobe ≫ Flash Player Version7.0
Adobe ≫ Flash Player Version7.0.1
Adobe ≫ Flash Player Version7.0.14.0
Adobe ≫ Flash Player Version7.0.19.0
Adobe ≫ Flash Player Version7.0.24.0
Adobe ≫ Flash Player Version7.0.25
Adobe ≫ Flash Player Version7.0.53.0
Adobe ≫ Flash Player Version7.0.60.0
Adobe ≫ Flash Player Version7.0.61.0
Adobe ≫ Flash Player Version7.0.63
Adobe ≫ Flash Player Version7.0.66.0
Adobe ≫ Flash Player Version7.0.67.0
Adobe ≫ Flash Player Version7.0.68.0
Adobe ≫ Flash Player Version7.0.69.0
Adobe ≫ Flash Player Version7.0.70.0
Adobe ≫ Flash Player Version7.0.73.0
Adobe ≫ Flash Player Version7.1
Adobe ≫ Flash Player Version7.1.1
Adobe ≫ Flash Player Version7.2
Adobe ≫ Flash Player Version8.0
Adobe ≫ Flash Player Version8.0.22.0
Adobe ≫ Flash Player Version8.0.24.0
Adobe ≫ Flash Player Version8.0.33.0
Adobe ≫ Flash Player Version8.0.34.0
Adobe ≫ Flash Player Version8.0.35.0
Adobe ≫ Flash Player Version8.0.39.0
Adobe ≫ Flash Player Version8.0.42.0
Adobe ≫ Flash Player Version9.0
Adobe ≫ Flash Player Version9.0.16
Adobe ≫ Flash Player Version9.0.18d60
Adobe ≫ Flash Player Version9.0.20
Adobe ≫ Flash Player Version9.0.20.0
Adobe ≫ Flash Player Version9.0.28
Adobe ≫ Flash Player Version9.0.28.0
Adobe ≫ Flash Player Version9.0.31
Adobe ≫ Flash Player Version9.0.31.0
Adobe ≫ Flash Player Version9.0.45.0
Adobe ≫ Flash Player Version9.0.47.0
Adobe ≫ Flash Player Version9.0.48.0
Adobe ≫ Flash Player Version9.0.112.0
Adobe ≫ Flash Player Version9.0.114.0
Adobe ≫ Flash Player Version9.0.115.0
Adobe ≫ Flash Player Version9.0.124.0
Adobe ≫ Flash Player Version9.0.125.0
Adobe ≫ Flash Player Version9.0.151.0
Adobe ≫ Flash Player Version9.0.152.0
Adobe ≫ Flash Player Version9.0.155.0
Adobe ≫ Flash Player Version9.0.159.0
Adobe ≫ Flash Player Version9.0.246.0
Adobe ≫ Flash Player Version9.0.260.0
Adobe ≫ Flash Player Version9.0.262.0
Adobe ≫ Flash Player Version9.0.277.0
Adobe ≫ Flash Player Version9.0.283.0
Adobe ≫ Flash Player Version9.125.0
Adobe ≫ Flash Player Version10.0.0.584
Adobe ≫ Flash Player Version10.0.12.10
Adobe ≫ Flash Player Version10.0.12.36
Adobe ≫ Flash Player Version10.0.15.3
Adobe ≫ Flash Player Version10.0.22.87
Adobe ≫ Flash Player Version10.0.32.18
Adobe ≫ Flash Player Version10.0.42.34
Adobe ≫ Flash Player Version10.0.45.2
Adobe ≫ Flash Player Version10.1.52.14.1
Adobe ≫ Flash Player Version10.1.52.15
Adobe ≫ Flash Player Version10.1.53.64
Adobe ≫ Flash Player Version10.1.82.76
Adobe ≫ Flash Player Version10.1.85.3
Adobe ≫ Flash Player Version10.1.92.8
Adobe ≫ Flash Player Version10.1.92.10
Adobe ≫ Flash Player Version10.1.95.1
Adobe ≫ Flash Player Version10.1.95.2
Adobe ≫ Flash Player Version10.1.102.64
Adobe ≫ Flash Player Version10.2.152
Adobe ≫ Flash Player Version10.2.152.32
Adobe ≫ Flash Player Version10.2.152.33
Adobe ≫ Flash Player Version10.2.153.1
Adobe ≫ Flash Player Version10.2.154.13
Adobe ≫ Flash Player Version10.2.154.25
Adobe ≫ Flash Player Version10.2.159.1
Adobe ≫ Flash Player Version10.3.181.14
Adobe ≫ Flash Player Version <= 10.3.185.22
Adobe ≫ Flash Player Version10.1.92.8
Adobe ≫ Flash Player Version10.1.92.10
Adobe ≫ Flash Player Version10.1.95.2
Adobe ≫ Flash Player Version10.1.105.6
Adobe ≫ Flash Player Version10.1.106.16
Adobe ≫ Flash Player Version10.2.156.12
Adobe ≫ Flash Player Version10.2.157.51
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.08% | 0.758 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.