Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiAnonymousZDI-11-081
HistoryFeb 08, 2011 - 12:00 a.m.

Adobe Flash Player Point Object Remote Code Execution Vulnerability

2011-02-0800:00:00
Anonymous
www.zerodayinitiative.com
14

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.011 Low

EPSS

Percentile

84.1%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within construction of a specific ActionScript3 object. Due to improper type checking in the implementation of the constructor, an alternative type can be provided as an argument to the constructor and stored as a property. When this object is applied to a bitmap copy, the application will corrupt memory. This can lead to code execution under the context of the application.

Related

securityvulns 3
checkpoint_advisories 1
prion 10
ubuntucve 10
cve 10
cvelist 10
nessus 22
suse 2
freebsd 1
openvas 10
redhat 3
gentoo 1
securityvulns
securityvulns
ZDI-11-081: Adobe Flash Player Point Object Remote Code Execution Vulnerability
2011-02-11 00:00:00
Adobe Flash Player multiple security vulnerabilities
2011-02-14 00:00:00
Security update available for Adobe Flash Player
2011-02-11 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Malformed Number Arguments Memory Corruption (APSB11-02; CVE-2011-0578)
2011-03-08 00:00:00
prion
prion
Memory corruption
2011-02-10 16:00:00
Memory corruption
2011-02-10 16:00:00
Memory corruption
2011-02-10 16:00:00
ubuntucve
ubuntucve
CVE-2011-0561
2011-02-10 00:00:00
CVE-2011-0571
2011-02-10 00:00:00
CVE-2011-0607
2011-02-10 00:00:00
cve
cve
CVE-2011-0572
2011-02-10 16:00:00
CVE-2011-0559
2011-02-10 16:00:00
CVE-2011-0560
2011-02-10 16:00:00
cvelist
cvelist
CVE-2011-0560
2011-02-10 15:00:00
CVE-2011-0572
2011-02-10 15:00:00
CVE-2011-0561
2011-02-10 15:00:00
nessus
nessus
Solaris 10 (sparc) : 125332-24 (deprecated)
2007-06-05 00:00:00
Solaris 10 (x86) : 125333-23 (deprecated)
2007-06-05 00:00:00
SuSE 11.1 Security Update : flash-player (SAT Patch Number 3926)
2011-02-15 00:00:00
suse
suse
remote code execution in flash-player
2011-02-14 17:59:02
remote code execution in acroread
2011-03-07 16:51:18
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2011-02-08 00:00:00
openvas
openvas
Adobe Flash Player Multiple Vulnerabilities (Feb 2011) - Linux
2011-02-15 00:00:00
FreeBSD Ports: linux-flashplugin
2011-03-05 00:00:00
Adobe Flash Player Multiple Vulnerabilities February-2011 (Windows)
2011-02-15 00:00:00
redhat
redhat
(RHSA-2011:0206) Critical: flash-plugin security update
2011-02-09 00:00:00
(RHSA-2011:0259) Critical: flash-plugin - 1-Month End Of Life Notice
2011-02-15 00:00:00
(RHSA-2011:0368) Critical: flash-plugin - End Of Life
2011-03-21 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2011-10-13 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.011 Low

EPSS

Percentile

84.1%

JSON
Related for ZDI-11-081
securityvulns3checkpoint_advisories1prion10ubuntucve10cve10cvelist10nessus22suse2freebsd1openvas10redhat3gentoo1