CVE-2011-2420

EPSS 8.26%
Veröffentlicht 11.08.2011 22:55:01
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle psirt@adobe.com
Teams Watchlist Login
Unerledigt Login

Adobe Shockwave Player before 11.6.1.629 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Adobe ≫ Shockwave Player Version <= 11.6.0.626

Adobe ≫ Shockwave Player Version1.0

Adobe ≫ Shockwave Player Version2.0

Adobe ≫ Shockwave Player Version3.0

Adobe ≫ Shockwave Player Version4.0

Adobe ≫ Shockwave Player Version5.0

Adobe ≫ Shockwave Player Version6.0

Adobe ≫ Shockwave Player Version8.0

Adobe ≫ Shockwave Player Version8.0.196

Adobe ≫ Shockwave Player Version8.0.196a

Adobe ≫ Shockwave Player Version8.0.204

Adobe ≫ Shockwave Player Version8.0.205

Adobe ≫ Shockwave Player Version8.5.1

Adobe ≫ Shockwave Player Version8.5.1.100

Adobe ≫ Shockwave Player Version8.5.1.103

Adobe ≫ Shockwave Player Version8.5.1.105

Adobe ≫ Shockwave Player Version8.5.1.106

Adobe ≫ Shockwave Player Version8.5.321

Adobe ≫ Shockwave Player Version8.5.323

Adobe ≫ Shockwave Player Version8.5.324

Adobe ≫ Shockwave Player Version8.5.325

Adobe ≫ Shockwave Player Version9

Adobe ≫ Shockwave Player Version9.0.383

Adobe ≫ Shockwave Player Version9.0.432

Adobe ≫ Shockwave Player Version10.0.0.210

Adobe ≫ Shockwave Player Version10.0.1.004

Adobe ≫ Shockwave Player Version10.1.0.11

Adobe ≫ Shockwave Player Version10.1.0.011

Adobe ≫ Shockwave Player Version10.1.1.016

Adobe ≫ Shockwave Player Version10.1.4.020

Adobe ≫ Shockwave Player Version10.2.0.021

Adobe ≫ Shockwave Player Version10.2.0.022

Adobe ≫ Shockwave Player Version10.2.0.023

Adobe ≫ Shockwave Player Version11.0.0.456

Adobe ≫ Shockwave Player Version11.0.3.471

Adobe ≫ Shockwave Player Version11.5.0.595

Adobe ≫ Shockwave Player Version11.5.0.596

Adobe ≫ Shockwave Player Version11.5.1.601

Adobe ≫ Shockwave Player Version11.5.2.602

Adobe ≫ Shockwave Player Version11.5.6.606

Adobe ≫ Shockwave Player Version11.5.7.609

Adobe ≫ Shockwave Player Version11.5.8.612

Adobe ≫ Shockwave Player Version11.5.9.615

Adobe ≫ Shockwave Player Version11.5.9.620

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	8.26%	0.919

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.us-cert.gov/cas/techalerts/TA11-222A.html

US Government Resource

http://www.adobe.com/support/security/bulletins/apsb11-19.html

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2011-2420

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-2420

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-2420

EUVD