CVE-2011-2416

2011-08-1022:55:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2011-2416

adobe flash player

integer overflow

arbitrary code execution

security vulnerability

7.4 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.046 Low

EPSS

Percentile

92.5%

JSON

Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138.

CPENameOperatorVersion
adobe:flash_playeradobe flash playerle10.3.181.36
adobe:flash_playeradobe flash playereq6.0.21.0
adobe:flash_playeradobe flash playereq6.0.79
adobe:flash_playeradobe flash playereq7.0
adobe:flash_playeradobe flash playereq7.0.1
adobe:flash_playeradobe flash playereq7.0.14.0
adobe:flash_playeradobe flash playereq7.0.19.0
adobe:flash_playeradobe flash playereq7.0.24.0
adobe:flash_playeradobe flash playereq7.0.25
adobe:flash_playeradobe flash playereq7.0.53.0

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	le	10.3.181.36
adobe:flash_player	adobe flash player	eq	6.0.21.0
adobe:flash_player	adobe flash player	eq	6.0.79
adobe:flash_player	adobe flash player	eq	7.0
adobe:flash_player	adobe flash player	eq	7.0.1
adobe:flash_player	adobe flash player	eq	7.0.14.0
adobe:flash_player	adobe flash player	eq	7.0.19.0
adobe:flash_player	adobe flash player	eq	7.0.24.0
adobe:flash_player	adobe flash player	eq	7.0.25
adobe:flash_player	adobe flash player	eq	7.0.53.0