Lucene search

[email protected]NVD:CVE-2011-0609

HistoryMar 15, 2011 - 5:55 p.m.

CVE-2011-0609

2011-03-1517:55:03

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.972 High

EPSS

Percentile

99.8%

JSON

Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.

Affected configurations

NVD

Node

adobeflash_playerRange≤10.2.154.13

AND

applemac_os_xMatch-

linuxlinux_kernelMatch-

microsoftwindowsMatch-

oraclesolarisMatch-

Node

adobeflash_playerRange≤10.1.106.16

AND

googleandroidMatch-

Node

adobeacrobatRange9.0–9.4.2

adobeacrobatMatch10.0

adobeacrobatMatch10.0.1

adobeacrobat_readerRange9.0–9.4.2

adobeacrobat_readerMatch10.0

adobeacrobat_readerMatch10.0.1

AND

applemac_os_xMatch-

microsoftwindowsMatch-

Node

adobeairRange≤2.5.1

Node

opensuseopensuseMatch11.2

opensuseopensuseMatch11.3

opensuseopensuseMatch11.4

suselinux_enterpriseMatch10.0sp3

suselinux_enterpriseMatch11.0sp1

Node

googlechromeRange<10.0.648.134

AND

applemacosMatch-

googlechrome_osMatch-

linuxlinux_kernelMatch-

microsoftwindowsMatch-

References

blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html

googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.html

lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html

secunia.com/advisories/43751

secunia.com/advisories/43757

secunia.com/advisories/43772

secunia.com/advisories/43856

securityreason.com/securityalert/8152

www.adobe.com/support/security/advisories/apsa11-01.html

www.adobe.com/support/security/bulletins/apsb11-06.html

www.kb.cert.org/vuls/id/192052

www.redhat.com/support/errata/RHSA-2011-0372.html

www.securityfocus.com/bid/46860

www.securitytracker.com/id?1025210

www.securitytracker.com/id?1025211

www.securitytracker.com/id?1025238

www.vupen.com/english/advisories/2011/0655

www.vupen.com/english/advisories/2011/0656

www.vupen.com/english/advisories/2011/0688

www.vupen.com/english/advisories/2011/0732

exchange.xforce.ibmcloud.com/vulnerabilities/66078

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14147

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.972 High

EPSS

Percentile

99.8%

JSON

Related for NVD:CVE-2011-0609