CVE-2011-2452

HIGH

Description

Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.

References

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00014.html

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00017.html

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00019.html

http://secunia.com/advisories/48819

http://security.gentoo.org/glsa/glsa-201204-07.xml

http://www.adobe.com/support/security/bulletins/apsb11-28.html

http://www.redhat.com/support/errata/RHSA-2011-1445.html

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14189

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16079

Details

Source: MITRE

Published: 2011-11-11

Updated: 2018-11-29

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

AND

OR

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*

OR

cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*

cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

cpe:2.3:o:sun:solaris:-:*:*:*:*:*:*:*

Configuration 2

AND

OR

cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*

OR

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*

Tenable Plugins

View all (17 total)

IDNameProductFamilySeverity
80611Oracle Solaris Third-Party Patch Update : flash (multiple_vulnerabilities_in_adobe_flashplayer4)NessusSolaris Local Security Checks
critical
75840openSUSE Security Update : flash-player (openSUSE-SU-2011:1240-2)NessusSuSE Local Security Checks
critical
75839openSUSE Security Update : flash-player (openSUSE-SU-2011:1240-1)NessusSuSE Local Security Checks
critical
75502openSUSE Security Update : flash-player (openSUSE-SU-2011:1240-1)NessusSuSE Local Security Checks
critical
74525openSUSE Security Update : flash-player (openSUSE-2011-4)NessusSuSE Local Security Checks
critical
59623GLSA-201204-07 : Adobe Flash Player: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
59684HP Systems Insight Manager < 7.0 Multiple VulnerabilitiesNessusWindows
critical
57195SuSE 10 Security Update : flash-player (ZYPP Patch Number 7832)NessusSuSE Local Security Checks
critical
57102SuSE 11.1 Security Update : flash-player (SAT Patch Number 5413)NessusSuSE Local Security Checks
critical
57044Adobe Reader <= 10.1.1 / 9.4.6 U3D Memory Corruption (APSA11-04, APSB11-28, APSB11-30, APSB12-01) (Mac OS X)NessusMacOS X Local Security Checks
high
56962Adobe AIR for Mac <= 3.0 Multiple Vulnerabilities (APSB11-28)NessusMacOS X Local Security Checks
high
56959Adobe AIR <= 3.0 Multiple Vulnerabilities (APSB11-28)NessusWindows
critical
6097Flash Player < 10.3.183.11 / 11.1.102.55 Multiple Vulnerabilities (APSB11-28)Nessus Network MonitorWeb Clients
high
56875Flash Player for Mac <= 10.3.183.10 / 11.0.1.152 Multiple Vulnerabilities (APSB11-28)NessusMacOS X Local Security Checks
high
56874Flash Player <= 10.3.183.10 / 11.0.1.152 Multiple Vulnerabilities (APSB11-28)NessusWindows
high
56811RHEL 5 / 6 : flash-plugin (RHSA-2011:1445)NessusRed Hat Local Security Checks
critical
56803FreeBSD : linux-flashplugin -- multiple vulnerabilities (0e8e1212-0ce5-11e1-849b-003067b2972c)NessusFreeBSD Local Security Checks
critical