CVE-2011-2456

2011-11-1116:55:01

CWE-119

adobe

web.nvd.nist.gov

cve-2011-2456

adobe flash player

buffer overflow

arbitrary code execution

nvd

security vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

9.6

Confidence

High

EPSS

0.011

Percentile

84.3%

JSON

Buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors.

Affected configurations

Nvd

Node

adobeflash_playerRange10.0–10.3.183.11

adobeflash_playerRange11.0–11.1.102.55

AND

applemac_os_xMatch-

linuxlinux_kernelMatch-

microsoftwindowsMatch-

sunsolarisMatch-

Node

adobeflash_playerRange11.0–11.1.102.59

AND

googleandroidMatch-

Node

adobeadobe_airRange3.0–3.1.0.4880

VendorProductVersionCPE
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
applemac_os_x-cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
sunsolaris-cpe:2.3:o:sun:solaris:-:*:*:*:*:*:*:*
googleandroid-cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
adobeadobe_air*cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adobe	flash_player	*	cpe:2.3:a:adobe:flash_player::::::::
apple	mac_os_x	-	cpe:2.3:o:apple:mac_os_x:-:::::::*
linux	linux_kernel	-	cpe:2.3:o:linux:linux_kernel:-:::::::*
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*
sun	solaris	-	cpe:2.3:o:sun:solaris:-:::::::*
google	android	-	cpe:2.3:o:google:android:-:::::::*
adobe	adobe_air	*	cpe:2.3:a:adobe:adobe_air::::::::