Search...

Security update for flash-player (critical)

2011-11-15T16:08:21

ID SUSE-SU-2011:1244-1
Type suse
Reporter Suse
Modified 2011-11-15T16:08:21

Description

flash-player update to version 11.1.102.55 to fix the following critical security issues:

CVE-2011-2445, CVE-2011-2450, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2456, CVE-2011-2457, CVE-2011-2458, CVE-2011-2459, CVE-2011-2460

JSON Vulners Source

Initial Source

{"bulletinFamily": "unix", "hash": "f7e04f0b10e8237d4c88879dcdf27d4b6297b98acd1f7553c46b37f0b212dabc", "id": "SUSE-SU-2011:1244-1", "lastseen": "2016-09-04T12:05:45", "description": "flash-player update to version 11.1.102.55 to fix the\n following critical security issues:\n\n CVE-2011-2445, CVE-2011-2450, CVE-2011-2451, CVE-2011-2452,\n CVE-2011-2453, CVE-2011-2454, CVE-2011-2455,\n CVE-2011-2456, CVE-2011-2457, CVE-2011-2458,\n CVE-2011-2459, CVE-2011-2460\n", "objectVersion": "1.2", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "viewCount": 0, "published": "2011-11-15T16:08:21", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00017.html", "references": ["http://download.novell.com/patch/finder/?keywords=7672429bea5968bf9bb609fe9aee6ff2", "https://bugzilla.novell.com/729797", "http://download.novell.com/patch/finder/?keywords=b3a0a701db9d82c8a67829192d261f23"], "reporter": "Suse", "edition": 1, "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "title": "Security update for flash-player (critical)", "history": [], "modified": "2011-11-15T16:08:21", "enchantments": {"vulnersScore": 5.0}, "type": "suse", "affectedPackage": [{"arch": "i586", "packageFilename": "flash-player-10.3.183.11-0.5.1.i586.rpm", "OSVersion": "10.4", "operator": "lt", "packageName": "flash-player", "packageVersion": "10.3.183.11-0.5.1", "OS": "SUSE Linux Enterprise Desktop"}, {"arch": "i586", "packageFilename": "flash-player-10.3.183.11-0.2.1.i586.rpm", "OSVersion": "11.1", "operator": "lt", "packageName": "flash-player", "packageVersion": "10.3.183.11-0.2.1", "OS": "SUSE Linux Enterprise Desktop"}]}

{"result": {"cve": [{"id": "CVE-2011-2453", "type": "cve", "title": "CVE-2011-2453", "description": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.", "published": "2011-11-11T11:55:01", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2453", "cvelist": ["CVE-2011-2453"], "lastseen": "2017-09-19T13:37:37"}, {"id": "CVE-2011-2445", "type": "cve", "title": "CVE-2011-2445", "description": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.", "published": "2011-11-11T11:55:01", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2445", "cvelist": ["CVE-2011-2445"], "lastseen": "2017-09-19T13:37:37"}, {"id": "CVE-2011-2457", "type": "cve", "title": "CVE-2011-2457", "description": "Stack-based buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors.", "published": "2011-11-11T11:55:01", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2457", "cvelist": ["CVE-2011-2457"], "lastseen": "2017-09-19T13:37:37"}, {"id": "CVE-2011-2452", "type": "cve", "title": "CVE-2011-2452", "description": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.", "published": "2011-11-11T11:55:01", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2452", "cvelist": ["CVE-2011-2452"], "lastseen": "2017-09-19T13:37:37"}, {"id": "CVE-2011-2451", "type": "cve", "title": "CVE-2011-2451", "description": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.", "published": "2011-11-11T11:55:01", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2451", "cvelist": ["CVE-2011-2451"], "lastseen": "2017-09-19T13:37:37"}, {"id": "CVE-2011-2455", "type": "cve", "title": "CVE-2011-2455", "description": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2459, and CVE-2011-2460.", "published": "2011-11-11T11:55:01", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2455", "cvelist": ["CVE-2011-2455"], "lastseen": "2017-09-19T13:37:37"}, {"id": "CVE-2011-2459", "type": "cve", "title": "CVE-2011-2459", "description": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460.", "published": "2011-11-11T11:55:01", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2459", "cvelist": ["CVE-2011-2459"], "lastseen": "2017-09-19T13:37:37"}, {"id": "CVE-2011-2458", "type": "cve", "title": "CVE-2011-2458", "description": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, when Internet Explorer is used, allows remote attackers to bypass the cross-domain policy via a crafted web site.", "published": "2011-11-11T11:55:01", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2458", "cvelist": ["CVE-2011-2458"], "lastseen": "2017-09-19T13:37:37"}, {"id": "CVE-2011-2456", "type": "cve", "title": "CVE-2011-2456", "description": "Buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors.", "published": "2011-11-11T11:55:01", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2456", "cvelist": ["CVE-2011-2456"], "lastseen": "2017-09-19T13:37:37"}, {"id": "CVE-2011-2460", "type": "cve", "title": "CVE-2011-2460", "description": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2459.", "published": "2011-11-11T11:55:01", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2460", "cvelist": ["CVE-2011-2460"], "lastseen": "2017-09-19T13:37:37"}], "openvas": [{"id": "OPENVAS:70604", "type": "openvas", "title": "FreeBSD Ports: linux-f10-flashplugin", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "published": "2012-02-13T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=70604", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2017-07-02T21:10:50"}, {"id": "OPENVAS:902751", "type": "openvas", "title": "Adobe Flash Player/Air Multiple Vulnerabilities - November 11 (MAC OS X)", "description": "This host is installed with Adobe Flash Player/Air and is prone to\n multiple vulnerabilities.", "published": "2011-11-16T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=902751", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2017-09-05T11:22:20"}, {"id": "OPENVAS:902752", "type": "openvas", "title": "Adobe Flash Player Multiple Vulnerabilities - November 11 (Linux)", "description": "This host is installed with Adobe Flash Player and is prone to\n multiple vulnerabilities.", "published": "2011-11-16T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=902752", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2017-09-04T14:19:56"}, {"id": "OPENVAS:1361412562310902752", "type": "openvas", "title": "Adobe Flash Player Multiple Vulnerabilities - November 11 (Linux)", "description": "This host is installed with Adobe Flash Player and is prone to\n multiple vulnerabilities.", "published": "2011-11-16T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902752", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2018-04-06T11:35:52"}, {"id": "OPENVAS:136141256231070604", "type": "openvas", "title": "FreeBSD Ports: linux-f10-flashplugin", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "published": "2012-02-13T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070604", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2018-04-06T11:19:45"}, {"id": "OPENVAS:1361412562310902751", "type": "openvas", "title": "Adobe Flash Player/Air Multiple Vulnerabilities - November 11 (MAC OS X)", "description": "This host is installed with Adobe Flash Player/Air and is prone to\n multiple vulnerabilities.", "published": "2011-11-16T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902751", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2018-04-06T11:35:54"}, {"id": "OPENVAS:902750", "type": "openvas", "title": "Adobe Flash Player/Air Multiple Vulnerabilities - November 11 (Windows)", "description": "This host is installed with Adobe Flash Player/Air and is prone to\n multiple vulnerabilities.", "published": "2011-11-16T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=902750", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2018-01-02T11:04:30"}, {"id": "OPENVAS:1361412562310902750", "type": "openvas", "title": "Adobe Flash Player/Air Multiple Vulnerabilities - November 11 (Windows)", "description": "This host is installed with Adobe Flash Player/Air and is prone to\n multiple vulnerabilities.", "published": "2011-11-16T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902750", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2018-04-06T11:35:24"}, {"id": "OPENVAS:136141256231071317", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201204-07 (Adobe Flash Player)", "description": "The remote host is missing updates announced in\nadvisory GLSA 201204-07.", "published": "2012-04-30T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071317", "cvelist": ["CVE-2011-2453", "CVE-2012-0754", "CVE-2012-0773", "CVE-2011-2445", "CVE-2012-0752", "CVE-2012-0753", "CVE-2011-2457", "CVE-2012-0769", "CVE-2012-0768", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2012-0756", "CVE-2011-2456", "CVE-2012-0755", "CVE-2011-2460", "CVE-2011-2450", "CVE-2012-0767", "CVE-2011-2454"], "lastseen": "2018-04-06T11:20:36"}, {"id": "OPENVAS:71317", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201204-07 (Adobe Flash Player)", "description": "The remote host is missing updates announced in\nadvisory GLSA 201204-07.", "published": "2012-04-30T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=71317", "cvelist": ["CVE-2011-2453", "CVE-2012-0754", "CVE-2012-0773", "CVE-2011-2445", "CVE-2012-0752", "CVE-2012-0753", "CVE-2011-2457", "CVE-2012-0769", "CVE-2012-0768", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2012-0756", "CVE-2011-2456", "CVE-2012-0755", "CVE-2011-2460", "CVE-2011-2450", "CVE-2012-0767", "CVE-2011-2454"], "lastseen": "2017-07-24T12:51:16"}], "nessus": [{"id": "SUSE_11_4_FLASH-PLAYER-111115.NASL", "type": "nessus", "title": "openSUSE Security Update : flash-player (openSUSE-SU-2011:1240-2)", "description": "flash-player update to version 11.1.102.55 to fix the following critical security issues :\n\nCVE-2011-2445, CVE-2011-2450, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2456, CVE-2011-2457, CVE-2011-2458, CVE-2011-2459, CVE-2011-2460", "published": "2014-06-13T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=75840", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2018-07-01T13:45:37"}, {"id": "MACOSX_FLASH_PLAYER_11_1_102_55.NASL", "type": "nessus", "title": "Flash Player for Mac <= 10.3.183.10 / 11.0.1.152 Multiple Vulnerabilities (APSB11-28)", "description": "According to its version, the instance of Flash Player installed on the remote Mac OS X host is 10.x equal to or earlier than 10.3.183.10 or 11.x equal to or earlier than 11.0.1.152. It is therefore reportedly affected by several critical vulnerabilities :\n\n - Several unspecified memory corruption errors exist that could lead to code execution.\n (CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, CVE-2011-2460)\n\n - An unspecified heap corruption error exists that could lead to code execution. (CVE-2011-2450)\n\n - An unspecified buffer overflow error exists that could lead to code execution. (CVE-2011-2456)\n\n - An unspecified stack overflow error exists that could lead to code execution. (CVE-2011-2457)", "published": "2011-11-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=56875", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2018-07-18T13:36:10"}, {"id": "OPENSUSE-2011-4.NASL", "type": "nessus", "title": "openSUSE Security Update : flash-player (openSUSE-2011-4)", "description": "This update provides flash-player 11.1.102.55, which files the following critical security issues :\n\n - This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2445).\n\n - This update resolves a heap corruption vulnerability that could lead to code execution (CVE-2011-2450).\n\n - This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2451).\n\n - This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2452).\n\n - This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2453).\n\n - This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2454).\n\n - This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2455).\n\n - This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2011-2456).\n\n - This update resolves a stack overflow vulnerability that could lead to code execution (CVE-2011-2457).\n\n - This update resolves a vulnerability that could lead to a cross-domain policy bypass (Internet Explorer-only) (CVE-2011-2458).\n\n - This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2459).\n\n - This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2011-2460).", "published": "2014-06-13T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=74525", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2018-07-01T13:44:33"}, {"id": "FLASH_PLAYER_APSB11-28.NASL", "type": "nessus", "title": "Flash Player <= 10.3.183.10 / 11.0.1.152 Multiple Vulnerabilities (APSB11-28)", "description": "According to its version, the instance of Flash Player installed on the remote Windows host is 10.x equal to or earlier than 10.3.183.10 or 11.x equal to or earlier than 11.0.1.152. It is, therefore, reportedly affected by several critical vulnerabilities :\n\n - Several unspecified memory corruption errors exist that could lead to code execution. (CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, CVE-2011-2460)\n\n - An unspecified heap corruption error exists that could lead to code execution. (CVE-2011-2450)\n\n - An unspecified buffer overflow error exists that could lead to code execution. (CVE-2011-2456)\n\n - An unspecified stack overflow error exists that could lead to code execution. (CVE-2011-2457)\n\n - An unspecified error related to Internet Explorer can allow cross-domain policy violations. (CVE-2011-2458)", "published": "2011-11-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=56874", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2018-07-13T06:23:23"}, {"id": "MACOSX_ADOBE_AIR_3_1_0_4880.NASL", "type": "nessus", "title": "Adobe AIR for Mac <= 3.0 Multiple Vulnerabilities (APSB11-28)", "description": "According to its version, the instance of Adobe AIR installed on the remote Mac OS X host is 3.0 or earlier. It is therefore reportedly affected by several critical vulnerabilities :\n\n - Several unspecified memory corruption errors exist that could lead to code execution.\n (CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, CVE-2011-2460)\n\n - An unspecified heap corruption error exists that could lead to code execution. (CVE-2011-2450)\n\n - An unspecified buffer overflow error exists that could lead to code execution. (CVE-2011-2456)\n\n - An unspecified stack overflow error exists that could lead to code execution. (CVE-2011-2457)", "published": "2011-11-28T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=56962", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2018-07-18T13:30:28"}, {"id": "SUSE_11_FLASH-PLAYER-111111.NASL", "type": "nessus", "title": "SuSE 11.1 Security Update : flash-player (SAT Patch Number 5413)", "description": "flash-player update to version 11.1.102.55 to fix the following critical security issues :\n\nCVE-2011-2445 / CVE-2011-2450 / CVE-2011-2451 / CVE-2011-2452 / CVE-2011-2453 / CVE-2011-2454 / CVE-2011-2455 / CVE-2011-2456 / CVE-2011-2457 / CVE-2011-2458 / CVE-2011-2459 / CVE-2011-2460", "published": "2011-12-13T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=57102", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2018-07-01T14:01:01"}, {"id": "SOLARIS11_FLASH_20120207.NASL", "type": "nessus", "title": "Oracle Solaris Third-Party Patch Update : flash (multiple_vulnerabilities_in_adobe_flashplayer4)", "description": "The remote Solaris system is missing necessary patches to address security updates :\n\n - Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. (CVE-2011-2445)\n\n - Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. (CVE-2011-2450)\n\n - Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. (CVE-2011-2451)\n\n - Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. (CVE-2011-2452)\n\n - Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. (CVE-2011-2453)\n\n - Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460. (CVE-2011-2454)\n\n - Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2459, and CVE-2011-2460. (CVE-2011-2455)\n\n - Buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors. (CVE-2011-2456)\n\n - Stack-based buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors. (CVE-2011-2457)\n\n - Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, when Internet Explorer is used, allows remote attackers to bypass the cross-domain policy via a crafted web site. (CVE-2011-2458)\n\n - Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460. (CVE-2011-2459)\n\n - Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2459. (CVE-2011-2460)", "published": "2015-01-19T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=80611", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2018-07-01T13:38:03"}, {"id": "SUSE_11_3_FLASH-PLAYER-110921.NASL", "type": "nessus", "title": "openSUSE Security Update : flash-player (openSUSE-SU-2011:1240-1)", "description": "flash-player update to version 11.1.102.55 to fix the following critical security issues :\n\nCVE-2011-2445, CVE-2011-2450, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2456, CVE-2011-2457, CVE-2011-2458, CVE-2011-2459, CVE-2011-2460", "published": "2014-06-13T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=75502", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2018-07-01T14:15:25"}, {"id": "ADOBE_AIR_APSB11-28.NASL", "type": "nessus", "title": "Adobe AIR <= 3.0 Multiple Vulnerabilities (APSB11-28)", "description": "According to its version, the instance of Adobe AIR installed on the remote Windows host is 3.0 or earlier and is reportedly affected by several critical vulnerabilities :\n\n - Several unspecified memory corruption errors exist that could lead to code execution.\n (CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, CVE-2011-2460)\n\n - An unspecified heap corruption error exists that could lead to code execution. (CVE-2011-2450)\n\n - An unspecified buffer overflow error exists that could lead to code execution. (CVE-2011-2456)\n\n - An unspecified stack overflow error exists that could lead to code execution. (CVE-2011-2457)\n\n - An unspecified error related to Internet Explorer can allow cross-domain policy violations. (CVE-2011-2458)\n\nBy tricking a user on the affected system into opening a specially crafted document with Flash content, an attacker could leverage these vulnerabilities to execute arbitrary code remotely on the system subject to the user's privileges.", "published": "2011-11-28T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=56959", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2018-06-29T05:33:51"}, {"id": "FREEBSD_PKG_0E8E12120CE511E1849B003067B2972C.NASL", "type": "nessus", "title": "FreeBSD : linux-flashplugin -- multiple vulnerabilities (0e8e1212-0ce5-11e1-849b-003067b2972c)", "description": "Adobe Product Security Incident Response Team reports :\n\nCritical vulnerabilities have been identified in Adobe Flash Player 11.0.1.152 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 11.0.1.153 and earlier versions for Android.\n\nIn addition a patch was released for users of flash10.", "published": "2011-11-14T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=56803", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2018-07-01T13:52:43"}], "freebsd": [{"id": "0E8E1212-0CE5-11E1-849B-003067B2972C", "type": "freebsd", "title": "linux-flashplugin -- multiple vulnerabilities", "description": "\nAdobe Product Security Incident Response Team reports:\n\nCritical vulnerabilities have been identified in Adobe Flash\n\t Player 11.0.1.152 and earlier versions for Windows, Macintosh,\n\t Linux and Solaris, and Adobe Flash Player 11.0.1.153 and earlier\n\t versions for Android.\n\nIn addition a patch was released for users of flash10.\n", "published": "2011-11-10T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vuxml.freebsd.org/freebsd/0e8e1212-0ce5-11e1-849b-003067b2972c.html", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2016-09-26T17:24:42"}], "suse": [{"id": "OPENSUSE-SU-2011:1240-1", "type": "suse", "title": "VUL-0: flash-player: sec. update to version 11.1.102.55 (critical)", "description": "flash-player update to version 11.1.102.55 to fix the\n following critical security issues:\n\n CVE-2011-2445, CVE-2011-2450, CVE-2011-2451, CVE-2011-2452,\n CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2456,\n CVE-2011-2457, CVE-2011-2458, CVE-2011-2459, CVE-2011-2460\n\n", "published": "2011-11-15T14:08:24", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00014.html", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2016-09-04T12:33:54"}, {"id": "OPENSUSE-SU-2011:1240-2", "type": "suse", "title": "VUL-0: flash-player: sec. update to version 11.1.102.55 (critical)", "description": "flash-player update to version 11.1.102.55 to fix the\n following critical security issues:\n\n CVE-2011-2445, CVE-2011-2450, CVE-2011-2451, CVE-2011-2452,\n CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2456,\n CVE-2011-2457, CVE-2011-2458, CVE-2011-2459, CVE-2011-2460\n\n", "published": "2011-11-16T17:08:30", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00018.html", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2016-09-04T11:43:03"}, {"id": "SUSE-SA:2011:043", "type": "suse", "title": "remote code execution in flash-player", "description": "flash-player was updated to version 11.1.102.55 to fix multiple security vulnerabilities that could be exploited by attackers to execute arbitrary code or to cause a denial of service via specially crafted flash content.\n#### Solution\nThere is no known workaround, please install the update packages.", "published": "2011-11-17T11:56:32", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00019.html", "cvelist": ["CVE-2011-2453", "CVE-2011-2445", "CVE-2011-2457", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2011-2456", "CVE-2011-2460", "CVE-2011-2450", "CVE-2011-2454"], "lastseen": "2016-09-04T11:29:31"}], "redhat": [{"id": "RHSA-2011:1445", "type": "redhat", "title": "(RHSA-2011:1445) Critical: flash-plugin security update", "description": "The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in.\n\nThis update fixes multiple vulnerabilities in Adobe Flash Player. These\nvulnerabilities are detailed on the Adobe security page APSB11-28, listed\nin the References section.\n\nMultiple security flaws were found in the way flash-plugin displayed\ncertain SWF content. An attacker could use these flaws to create a\nspecially-crafted SWF file that would cause flash-plugin to crash or,\npotentially, execute arbitrary code when the victim loaded a page\ncontaining the specially-crafted SWF content. (CVE-2011-2445,\nCVE-2011-2450, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454,\nCVE-2011-2455, CVE-2011-2456, CVE-2011-2457, CVE-2011-2459, CVE-2011-2460)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 10.3.183.11.\n", "published": "2011-11-11T05:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2011:1445", "cvelist": ["CVE-2011-2445", "CVE-2011-2450", "CVE-2011-2451", "CVE-2011-2452", "CVE-2011-2453", "CVE-2011-2454", "CVE-2011-2455", "CVE-2011-2456", "CVE-2011-2457", "CVE-2011-2459", "CVE-2011-2460"], "lastseen": "2018-06-12T23:59:39"}], "gentoo": [{"id": "GLSA-201204-07", "type": "gentoo", "title": "Adobe Flash Player: Multiple vulnerabilities", "description": "### Background\n\nThe Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted SWF file, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass intended access restrictions, bypass cross-domain policy, inject arbitrary web script, or obtain sensitive information. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Adobe Flash Player users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=www-plugins/adobe-flash-11.2.202.228\"", "published": "2012-04-17T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://security.gentoo.org/glsa/201204-07", "cvelist": ["CVE-2011-2453", "CVE-2012-0754", "CVE-2012-0773", "CVE-2011-2445", "CVE-2012-0752", "CVE-2012-0753", "CVE-2011-2457", "CVE-2012-0769", "CVE-2012-0768", "CVE-2011-2452", "CVE-2011-2451", "CVE-2011-2455", "CVE-2011-2459", "CVE-2011-2458", "CVE-2012-0756", "CVE-2011-2456", "CVE-2012-0755", "CVE-2011-2460", "CVE-2011-2450", "CVE-2012-0767", "CVE-2011-2454"], "lastseen": "2016-09-06T19:47:06"}], "symantec": [{"id": "SMNTC-50622", "type": "symantec", "title": "Adobe Flash Player CVE-2011-2452 Remote Memory Corruption Vulnerability", "description": "### Description\n\nAdobe Flash Player is prone to an unspecified remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.\n\n### Technologies Affected\n\n * Adobe AIR 2.0.2 \n * Adobe AIR 2.0.3 \n * Adobe AIR 2.0.4 \n * Adobe AIR 2.5.1 \n * Adobe AIR 2.6 \n * Adobe AIR 2.7 \n * Adobe AIR 2.7.1 \n * Adobe AIR 3.0 \n * Adobe Flash Player 10 \n * Adobe Flash Player 10.0.0.584 \n * Adobe Flash Player 10.0.12 .35 \n * Adobe Flash Player 10.0.12 .36 \n * Adobe Flash Player 10.0.12.10 \n * Adobe Flash Player 10.0.15 .3 \n * Adobe Flash Player 10.0.22.87 \n * Adobe Flash Player 10.0.32 18 \n * Adobe Flash Player 10.0.32.18 \n * Adobe Flash Player 10.0.42.34 \n * Adobe Flash Player 10.0.45 2 \n * Adobe Flash Player 10.0.45 2 \n * Adobe Flash Player 10.0.45.2 \n * Adobe Flash Player 10.1 Release Candidate \n * Adobe Flash Player 10.1.102.64 \n * Adobe Flash Player 10.1.102.65 \n * Adobe Flash Player 10.1.105.6 \n * Adobe Flash Player 10.1.106.16 \n * Adobe Flash Player 10.1.51.66 \n * Adobe Flash Player 10.1.52.14.1 \n * Adobe Flash Player 10.1.52.15 \n * Adobe Flash Player 10.1.53.64 \n * Adobe Flash Player 10.1.82.76 \n * Adobe Flash Player 10.1.85.3 \n * Adobe Flash Player 10.1.92.10 \n * Adobe Flash Player 10.1.92.10 \n * Adobe Flash Player 10.1.92.8 \n * Adobe Flash Player 10.1.95.1 \n * Adobe Flash Player 10.1.95.2 \n * Adobe Flash Player 10.1.95.2 \n * Adobe Flash Player 10.2.152 \n * Adobe Flash Player 10.2.152.21 \n * Adobe Flash Player 10.2.152.32 \n * Adobe Flash Player 10.2.152.33 \n * Adobe Flash Player 10.2.153.1 \n * Adobe Flash Player 10.2.154.13 \n * Adobe Flash Player 10.2.154.18 \n * Adobe Flash Player 10.2.154.24 \n * Adobe Flash Player 10.2.154.25 \n * Adobe Flash Player 10.2.154.27 \n * Adobe Flash Player 10.2.154.28 \n * Adobe Flash Player 10.2.156.12 \n * Adobe Flash Player 10.2.157.51 \n * Adobe Flash Player 10.2.159.1 \n * Adobe Flash Player 10.3.181.14 \n * Adobe Flash Player 10.3.181.16 \n * Adobe Flash Player 10.3.181.16 \n * Adobe Flash Player 10.3.181.22 \n * Adobe Flash Player 10.3.181.23 \n * Adobe Flash Player 10.3.181.26 \n * Adobe Flash Player 10.3.181.34 \n * Adobe Flash Player 10.3.183.10 \n * Adobe Flash Player 10.3.183.4 \n * Adobe Flash Player 10.3.183.5 \n * Adobe Flash Player 10.3.183.7 \n * Adobe Flash Player 10.3.185.21 \n * Adobe Flash Player 10.3.185.22 \n * Adobe Flash Player 10.3.185.22 \n * Adobe Flash Player 10.3.185.23 \n * Adobe Flash Player 10.3.185.25 \n * Adobe Flash Player 10.3.186.2 \n * Adobe Flash Player 10.3.186.3 \n * Adobe Flash Player 10.3.186.6 \n * Adobe Flash Player 10.3.186.7 \n * Adobe Flash Player 11.0.1.152 \n * Adobe Flash Player 9 \n * Adobe Flash Player 9.0.112.0 \n * Adobe Flash Player 9.0.114.0 \n * Adobe Flash Player 9.0.115.0 \n * Adobe Flash Player 9.0.124.0 \n * Adobe Flash Player 9.0.125.0 \n * Adobe Flash Player 9.0.151 .0 \n * Adobe Flash Player 9.0.152 .0 \n * Adobe Flash Player 9.0.155.0 \n * Adobe Flash Player 9.0.159.0 \n * Adobe Flash Player 9.0.16 \n * Adobe Flash Player 9.0.18D60 \n * Adobe Flash Player 9.0.20 \n * Adobe Flash Player 9.0.20.0 \n * Adobe Flash Player 9.0.246 0 \n * Adobe Flash Player 9.0.246.0 \n * Adobe Flash Player 9.0.260.0 \n * Adobe Flash Player 9.0.262 \n * Adobe Flash Player 9.0.262.0 \n * Adobe Flash Player 9.0.277.0 \n * Adobe Flash Player 9.0.28.0 \n * Adobe Flash Player 9.0.28.0 \n * Adobe Flash Player 9.0.280 \n * Adobe Flash Player 9.0.283.0 \n * Adobe Flash Player 9.0.289.0 \n * Adobe Flash Player 9.0.31.0 \n * Adobe Flash Player 9.0.31.0 \n * Adobe Flash Player 9.0.45.0 \n * Adobe Flash Player 9.0.47.0 \n * Adobe Flash Player 9.0.48.0 \n * Adobe Flash Player 9.125.0 \n * Adobe Flash Player for Android 11.0.1.153 \n * Gentoo Linux \n * HP Systems Insight Manager 4.0 \n * HP Systems Insight Manager 4.1 \n * HP Systems Insight Manager 4.1 SP1 \n * HP Systems Insight Manager 4.2 \n * HP Systems Insight Manager 4.2 SP1 \n * HP Systems Insight Manager 4.2 SP2 \n * HP Systems Insight Manager 5.0 \n * HP Systems Insight Manager 5.0 SP1 \n * HP Systems Insight Manager 5.0 SP2 \n * HP Systems Insight Manager 5.0 SP3 \n * HP Systems Insight Manager 5.0 SP5 \n * HP Systems Insight Manager 5.0 SP6 \n * HP Systems Insight Manager 5.1 SP1 \n * HP Systems Insight Manager 5.2 SP2 \n * HP Systems Insight Manager 5.3 \n * HP Systems Insight Manager 5.3 Update 1 \n * HP Systems Insight Manager 6.0 \n * HP Systems Insight Manager 6.0.0.96 \n * HP Systems Insight Manager 6.1 \n * HP Systems Insight Manager 6.2 \n * HP Systems Insight Manager 6.3 \n * Redhat Enterprise Linux Desktop Supplementary 5 Client \n * Redhat Enterprise Linux Desktop Supplementary 6 \n * Redhat Enterprise Linux Server Supplementary 6 \n * Redhat Enterprise Linux Supplementary 5 Server \n * Redhat Enterprise Linux Workstation Supplementary 6 \n * SuSE Suse Linux Enterprise Desktop 10 SP4 \n * SuSE Suse Linux Enterprise Desktop 11 SP1 \n * SuSE openSUSE 11.3 \n * SuSE openSUSE 11.4 \n * Sun Solaris 10 Sparc \n * Sun Solaris 10 X86 \n * Sun Solaris 11 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, run the application with the minimal amount of privileges required for functionality.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity including unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.\n\n**Do not accept or execute files from untrusted or unknown sources.** \nTo reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources. \n\n**Do not follow links provided by unknown or untrusted sources.** \nTo reduce the likelihood of attacks, never visit sites of questionable integrity or follow links provided by unfamiliar or untrusted sources. \n\n**Implement multiple redundant layers of security.** \nVarious memory-protection schemes (such as nonexecutable and randomly mapped memory segments) may hinder an attacker's ability to exploit this vulnerability to execute arbitrary code.\n\nUpdates are available. Please see the references for more information.\n", "published": "2011-11-09T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/50622", "cvelist": ["CVE-2011-2452"], "lastseen": "2018-03-14T22:40:42"}], "seebug": [{"id": "SSV:23200", "type": "seebug", "title": "Adobe Flash Player\u8de8\u57df\u5b89\u5168\u9650\u5236\u7ed5\u8fc7\u6f0f\u6d1e", "description": "BUGTRAQ ID: 50629\r\nCVE ID: CVE-2011-2458\r\n\r\nAdobe Flash Player\u662f\u4e00\u4e2a\u96c6\u6210\u7684\u591a\u5a92\u4f53\u64ad\u653e\u5668\u3002\r\n\r\nAdobe Flash Player\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u5b89\u5168\u9650\u5236\u7ed5\u8fc7\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u7ed5\u8fc7\u67d0\u4e9b\u540c\u6e90\u7b56\u7565\u9650\u5236\u3002\n\nAdobe Flash Player 9.x\r\nAdobe Flash Player 10.x\r\nAdobe AIR 3.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nAdobe\r\n-----\r\nAdobe\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08APSB11-28\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\n\r\nAPSB11-28\uff1aSecurity update available for Adobe Flash Player\r\n\r\n\u94fe\u63a5\uff1ahttp://www.adobe.com/support/security/bulletins/apsb11-28.html", "published": "2011-11-16T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.seebug.org/vuldb/ssvid-23200", "cvelist": ["CVE-2011-2458"], "lastseen": "2017-11-19T17:57:10"}]}}

Security update for flash-player (critical)

Description

flash-player update to version 11.1.102.55 to fix the following critical security issues: CVE-2011-2445, CVE-2011-2450, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2456, CVE-2011-2457, CVE-2011-2458, CVE-2011-2459, CVE-2011-2460

flash-player update to version 11.1.102.55 to fix the following critical security issues:

CVE-2011-2445, CVE-2011-2450, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2456, CVE-2011-2457, CVE-2011-2458, CVE-2011-2459, CVE-2011-2460