Vulnerability Name: CVE-2011-2424 (CCN-69242) Assigned: 2011-08-09 Published: 2011-08-09 Updated: 2018-10-30 Summary: Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by "about 400 unique crash signatures." CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C )6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C )6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P )5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): PartialIntegrity (I): PartialAvailibility (A): Partial
Vulnerability Type: CWE-119 Vulnerability Consequences: Gain Access References: Source: CONFIRM Type: UNKNOWNhttp://blogs.adobe.com/asset/2011/08/how-did-you-get-to-that-number.html Source: CCN Type: Blackberry Security Advisory KB28400Vulnerabilities in Adobe Flash Player version included with the BlackBerry PlayBook tablet Source: MITRE Type: CNACVE-2011-2424 Source: MISC Type: UNKNOWNhttp://googleonlinesecurity.blogspot.com/2011/08/fuzzing-at-scale.html Source: CCN Type: RHSA-2011-1144Critical: flash-plugin security update Source: CCN Type: RHSA-2011-1434Critical: acroread security update Source: CCN Type: SA46344BlackBerry Tablet OS Flash Player Multiple Vulnerabilities Source: MISC Type: UNKNOWNhttp://twitter.com/taviso/statuses/101046246277521409 Source: MISC Type: UNKNOWNhttp://twitter.com/taviso/statuses/101046396790128640 Source: CCN Type: Adobe Product Security Bulletin APSB11-21Security update available for Adobe Flash Player Source: CONFIRM Type: Patch, Vendor Advisoryhttp://www.adobe.com/support/security/bulletins/apsb11-21.html Source: CCN Type: OSVDB ID: 75201Adobe Flash Player SWF File Handling Arbitrary Code Execution (400 Taviso Bugs) Source: REDHAT Type: UNKNOWNRHSA-2011:1144 Source: CCN Type: BID-49186Adobe Flash Player CVE-2011-2424 Multiple Memory Corruption Vulnerabilities Source: CERT Type: US Government ResourceTA11-222A Source: XF Type: UNKNOWNadobe-flash-mem-code-execution(69242) Source: OVAL Type: UNKNOWNoval:org.mitre.oval:def:14199 Source: OVAL Type: UNKNOWNoval:org.mitre.oval:def:15869 Vulnerable Configuration: Configuration 1 :cpe:/a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:6.0.79:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.0.1:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.0.14.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.0.19.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.0.24.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.0.25:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.0.53.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.0.60.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.0.61.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.0.63:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.0.66.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.0.67.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.0.68.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.0.73.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.1:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.1.1:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:7.2:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:8.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.16:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.20:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.28:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.31:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.155.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.262.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.277.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.0.283.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:9.125.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.1.95.1:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.1.102.64:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.2.152:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.2.152.32:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.2.152.33:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.2.154.13:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.2.154.25:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.2.159.1:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.3.181.14:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.3.181.16:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.3.181.23:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.3.181.34:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:*:*:*:*:*:*:*:* (Version <= 10.3.181.36) AND cpe:/o:apple:mac_os_x:*:*:*:*:*:*:*:* OR cpe:/o:linux:linux_kernel:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows:*:*:*:*:*:*:*:* OR cpe:/o:sun:sunos:*:*:*:*:*:*:*:* Configuration 2 :cpe:/a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.1.105.6:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.1.106.16:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.2.156.12:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.2.157.51:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.3.185.21:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.3.185.23:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:*:*:*:*:*:*:*:* (Version <= 10.3.185.25) AND cpe:/o:google:android:*:*:*:*:*:*:*:* Configuration 3 :cpe:/a:adobe:adobe_air:1.0:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:1.1:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:1.5:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:2.6:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:*:*:*:*:*:*:*:* (Version <= 2.7) AND cpe:/o:apple:mac_os_x:*:*:*:*:*:*:*:* OR cpe:/o:microsoft:windows:*:*:*:*:*:*:*:* Configuration 4 :cpe:/a:adobe:adobe_air:1.0:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:1.1:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:1.5:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:2.6:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:2.7:*:*:*:*:*:*:* OR cpe:/a:adobe:adobe_air:*:*:*:*:*:*:*:* (Version <= 2.7.1) AND cpe:/o:google:android:*:*:*:*:*:*:*:* Configuration RedHat 1 :cpe:/a:redhat:rhel_extras:6:*:*:*:*:*:*:* Configuration RedHat 2 :cpe:/a:redhat:rhel_extras:5:*:*:*:*:*:*:* Configuration RedHat 3 :cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.1.102.64:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.2.154.13:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.2.152.33:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.2.153.1:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.2.154.25:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.2.156.12:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.2.157.51:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.2.159.1:*:*:*:*:*:*:* OR cpe:/a:google:chrome:13.0.748.0:*:*:*:*:*:*:* OR cpe:/a:adobe:flash_player:10.3.181.34:*:*:*:*:*:*:* AND cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:* Denotes that component is vulnerable Oval Definitions Definition ID Class Title Last Modified oval:org.mitre.oval:def:14199 V Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by "about 400 unique crash signatures." 2015-08-03 oval:org.mitre.oval:def:23730 P ELSA-2011:1144: flash-plugin security update (Critical) 2014-05-26 oval:org.mitre.oval:def:23659 P ELSA-2011:1434: acroread security update (Critical) 2014-05-26 oval:org.mitre.oval:def:21984 P RHSA-2011:1144: flash-plugin security update (Critical) 2014-02-24 oval:org.mitre.oval:def:22133 P RHSA-2011:1434: acroread security update (Critical) 2014-02-24 oval:org.mitre.oval:def:15869 V Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by "about 400 unique crash signatures." 2013-02-04 oval:com.redhat.rhsa:def:20111434 P RHSA-2011:1434: acroread security update (Critical) 2011-11-08 oval:com.redhat.rhsa:def:20111144 P RHSA-2011:1144: flash-plugin security update (Critical) 2011-08-10
BACK
adobe flash player 6.0.21.0
adobe flash player 6.0.79
adobe flash player 7.0
adobe flash player 7.0.1
adobe flash player 7.0.14.0
adobe flash player 7.0.19.0
adobe flash player 7.0.24.0
adobe flash player 7.0.25
adobe flash player 7.0.53.0
adobe flash player 7.0.60.0
adobe flash player 7.0.61.0
adobe flash player 7.0.63
adobe flash player 7.0.66.0
adobe flash player 7.0.67.0
adobe flash player 7.0.68.0
adobe flash player 7.0.69.0
adobe flash player 7.0.70.0
adobe flash player 7.0.73.0
adobe flash player 7.1
adobe flash player 7.1.1
adobe flash player 7.2
adobe flash player 8.0
adobe flash player 8.0.22.0
adobe flash player 8.0.24.0
adobe flash player 8.0.33.0
adobe flash player 8.0.34.0
adobe flash player 8.0.35.0
adobe flash player 8.0.39.0
adobe flash player 8.0.42.0
adobe flash player 9.0
adobe flash player 9.0.16
adobe flash player 9.0.18d60
adobe flash player 9.0.20
adobe flash player 9.0.20.0
adobe flash player 9.0.28
adobe flash player 9.0.28.0
adobe flash player 9.0.31
adobe flash player 9.0.31.0
adobe flash player 9.0.45.0
adobe flash player 9.0.47.0
adobe flash player 9.0.48.0
adobe flash player 9.0.112.0
adobe flash player 9.0.114.0
adobe flash player 9.0.115.0
adobe flash player 9.0.124.0
adobe flash player 9.0.125.0
adobe flash player 9.0.151.0
adobe flash player 9.0.152.0
adobe flash player 9.0.155.0
adobe flash player 9.0.159.0
adobe flash player 9.0.246.0
adobe flash player 9.0.260.0
adobe flash player 9.0.262.0
adobe flash player 9.0.277.0
adobe flash player 9.0.283.0
adobe flash player 9.125.0
adobe flash player 10.0.0.584
adobe flash player 10.0.12.10
adobe flash player 10.0.12.36
adobe flash player 10.0.15.3
adobe flash player 10.0.22.87
adobe flash player 10.0.32.18
adobe flash player 10.0.42.34
adobe flash player 10.0.45.2
adobe flash player 10.1.52.14.1
adobe flash player 10.1.52.15
adobe flash player 10.1.53.64
adobe flash player 10.1.82.76
adobe flash player 10.1.85.3
adobe flash player 10.1.92.8
adobe flash player 10.1.92.10
adobe flash player 10.1.95.1
adobe flash player 10.1.95.2
adobe flash player 10.1.102.64
adobe flash player 10.2.152
adobe flash player 10.2.152.32
adobe flash player 10.2.152.33
adobe flash player 10.2.154.13
adobe flash player 10.2.154.25
adobe flash player 10.2.159.1
adobe flash player 10.3.181.14
adobe flash player 10.3.181.16
adobe flash player 10.3.181.23
adobe flash player 10.3.181.34
adobe flash player *
apple mac os x *
linux linux kernel *
microsoft windows *
sun sunos *
adobe flash player 10.1.92.8
adobe flash player 10.1.92.10
adobe flash player 10.1.95.2
adobe flash player 10.1.105.6
adobe flash player 10.1.106.16
adobe flash player 10.2.156.12
adobe flash player 10.2.157.51
adobe flash player 10.3.185.21
adobe flash player 10.3.185.23
adobe flash player *
google android *
adobe adobe air 1.0
adobe adobe air 1.1
adobe adobe air 1.5
adobe adobe air 1.5.2
adobe adobe air 1.5.3
adobe adobe air 2.0.2
adobe adobe air 2.0.3
adobe adobe air 2.0.4
adobe adobe air 2.6
adobe adobe air *
apple mac os x *
microsoft windows *
adobe adobe air 1.0
adobe adobe air 1.1
adobe adobe air 1.5
adobe adobe air 1.5.2
adobe adobe air 1.5.3
adobe adobe air 2.0.2
adobe adobe air 2.0.3
adobe adobe air 2.0.4
adobe adobe air 2.6
adobe adobe air 2.7
adobe adobe air *
google android *
adobe flash player 10.0.12.10
adobe flash player 10.0.0.584
adobe flash player 10.0.12.36
adobe flash player 10.0.22.87
adobe flash player 10.0.32.18
adobe flash player 10.1.85.3
adobe flash player 10.1.95.2
adobe flash player 10.1.102.64
adobe flash player 10.2.154.13
adobe flash player 10.2.152.33
adobe flash player 10.2.153.1
adobe flash player 10.2.154.25
adobe flash player 10.2.156.12
adobe flash player 10.2.157.51
adobe flash player 10.2.159.1
google chrome 13.0.748.0
adobe flash player 10.3.181.34
redhat rhel extras 4