9.3

CVE-2011-2458

Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, when Internet Explorer is used, allows remote attackers to bypass the cross-domain policy via a crafted web site.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeFlash Player Version >= 10.0 < 10.3.183.11
   ApplemacOS X Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
   SunSolaris Version-
AdobeFlash Player Version >= 11.0 < 11.1.102.55
   ApplemacOS X Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
   SunSolaris Version-
AdobeFlash Player Version >= 11.0 < 11.1.102.59
   GoogleAndroid Version-
AdobeAdobe Air Version >= 3.0 < 3.1.0.4880
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.6% 0.88
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00014.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00017.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00019.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/48819
Third Party Advisory
http://security.gentoo.org/glsa/glsa-201204-07.xml
Third Party Advisory
http://www.adobe.com/support/security/bulletins/apsb11-28.html
Patch
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14014
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16179
Third Party Advisory