Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2011-0611
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a "group of included constants," object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011..
CVSSv2.0 Score
- Severity
- High
- Base Score
- 9.3/10
- Exploit Score
- 8.6/10
- Access Vector
- Network
- Access Complexity
- Medium
- Authentication Required
- None
- Impact Score
- 10/10
- Confidentiality Impact
- Complete
- Availability Impact
- Complete
- Integrity Impact
- Complete
Products Affected
| CPE | Affected | Vulnerable | Excluding | Edit |
|---|---|---|---|---|
| cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.0.14.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.0.19.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.0.24.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.0.53.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.0.60.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.0.61.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.0.66.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.0.67.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.0.68.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.0.73.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.155.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.262.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.277.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.0.283.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.1.95.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.1.102.64:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.2.152:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.2.152.32:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.2.152.33:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.2.154.13:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:oracle:solaris:*:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.1.105.6:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:flash_player:10.1.106.16:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:o:google:android:*:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat:9.4:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat:9.4.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat:9.4.3:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat:10.0.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat_reader:9.4.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat_reader:9.4.3:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat_reader:10.0.1:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:a:adobe:acrobat_reader:10.0.2:*:*:*:*:*:*:* |
Yes
|
- | ||
| cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* |
No
|
- | ||
| cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
No
|
- |
References
- http://www.adobe.com/support/security/advisories/apsa11-02.html
- http://www.redhat.com/support/errata/RHSA-2011-0451.html
- http://www.vupen.com/english/advisories/2011/0922
- http://www.adobe.com/support/security/bulletins/apsb11-07.html
- http://bugix-security.blogspot.com/2011/04/cve-2011-0611-adobe-flash-zero-day.html
- http://www.securitytracker.com/id?1025325
- http://www.kb.cert.org/vuls/id/230057
- http://secunia.com/advisories/44149
- http://blogs.technet.com/b/mmpc/archive/2011/04/12/analysis-of-the-cve-2011-0611-adobe-f
- http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00004.html
- http://www.exploit-db.com/exploits/17175
- http://www.vupen.com/english/advisories/2011/0923
- http://contagiodump.blogspot.com/2011/04/apr-8-cve-2011-0611-flash-player-zero.html
- http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html
- http://secunia.com/advisories/44119
- http://secunia.com/blog/210/
- http://www.vupen.com/english/advisories/2011/0924
- http://www.securityfocus.com/bid/47314
- http://www.securitytracker.com/id?1025324
- http://secunia.com/advisories/44141
- http://www.adobe.com/support/security/bulletins/apsb11-08.html
- http://securityreason.com/securityalert/8292
- http://securityreason.com/securityalert/8204
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66681
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1