CVE-2011-0628

2011-05-3120:55:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2011-0628

adobe flash player

integer overflow

windows

mac os x

linux

solaris

android

code execution

actionscript

nvd

7.6 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.086 Low

EPSS

Percentile

94.5%

JSON

Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows remote attackers to execute arbitrary code via ActionScript that improperly handles a long array object.

CPENameOperatorVersion
adobe:flash_playeradobe flash playerle10.2.159.1
adobe:flash_playeradobe flash playereq6.0.21.0
adobe:flash_playeradobe flash playereq6.0.79
adobe:flash_playeradobe flash playereq7.0
adobe:flash_playeradobe flash playereq7.0.1
adobe:flash_playeradobe flash playereq7.0.14.0
adobe:flash_playeradobe flash playereq7.0.19.0
adobe:flash_playeradobe flash playereq7.0.24.0
adobe:flash_playeradobe flash playereq7.0.25
adobe:flash_playeradobe flash playereq7.0.53.0

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	le	10.2.159.1
adobe:flash_player	adobe flash player	eq	6.0.21.0
adobe:flash_player	adobe flash player	eq	6.0.79
adobe:flash_player	adobe flash player	eq	7.0
adobe:flash_player	adobe flash player	eq	7.0.1
adobe:flash_player	adobe flash player	eq	7.0.14.0
adobe:flash_player	adobe flash player	eq	7.0.19.0
adobe:flash_player	adobe flash player	eq	7.0.24.0
adobe:flash_player	adobe flash player	eq	7.0.25
adobe:flash_player	adobe flash player	eq	7.0.53.0