CVE-2011-2424

2011-08-1500:00:00

ubuntu.com

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.268 Low

EPSS

Percentile

96.8%

JSON

Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and
Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on
Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote
attackers to execute arbitrary code or cause a denial of service (memory
corruption) via a crafted SWF file, as demonstrated by “about 400 unique
crash signatures.”

Notes

Author	Note
mdeslaur	due to a packaging error, we called ours 10.3.183.4

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchadobe-flashplugin< 10.3.183.4-0lucid1UNKNOWN
ubuntu10.10noarchadobe-flashplugin< 10.3.183.4-0maverick1UNKNOWN
ubuntu11.04noarchadobe-flashplugin< 10.3.183.4-0natty1UNKNOWN
ubuntu10.04noarchflashplugin-nonfree< 10.3.183.4ubuntu0.10.04.1UNKNOWN
ubuntu10.10noarchflashplugin-nonfree< 10.3.183.4ubuntu0.10.10.1UNKNOWN
ubuntu11.04noarchflashplugin-nonfree< 10.3.183.4ubuntu0.11.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	10.04	noarch	adobe-flashplugin	< 10.3.183.4-0lucid1	UNKNOWN
ubuntu	10.10	noarch	adobe-flashplugin	< 10.3.183.4-0maverick1	UNKNOWN
ubuntu	11.04	noarch	adobe-flashplugin	< 10.3.183.4-0natty1	UNKNOWN
ubuntu	10.04	noarch	flashplugin-nonfree	< 10.3.183.4ubuntu0.10.04.1	UNKNOWN
ubuntu	10.10	noarch	flashplugin-nonfree	< 10.3.183.4ubuntu0.10.10.1	UNKNOWN
ubuntu	11.04	noarch	flashplugin-nonfree	< 10.3.183.4ubuntu0.11.04.1	UNKNOWN