Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011.
Publish Date : 2011-06-16 Last Update Date : 2012-03-19
| Cvss Score |
10.0 |
| Confidentiality Impact |
Complete
(There is total information disclosure, resulting in all system files being revealed.) |
| Integrity Impact |
Complete
(There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised.) |
| Availability Impact |
Complete
(There is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.) |
| Access Complexity |
Low
(Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. ) |
| Authentication |
Not required
(Authentication is not required to exploit the vulnerability.) |
| Gained Access |
None |
| Vulnerability Type(s) |
Denial Of ServiceExecute CodeOverflowMemory corruption |
| CWE ID |
119 |
| Title |
Definition Id |
Class |
Family |
|
Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, ... |
oval:org.mitre.oval:def:16252 |
|
macos |
|
Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, ... |
oval:org.mitre.oval:def:14091 |
|
windows |
|
CVE-2011-2110 |
oval:org.opensuse.security:def:20112110 |
|
unix |
|
RHSA-2011:0869: flash-plugin security update (Critical) |
oval:com.redhat.rhsa:def:20110869 |
|
unix |
|
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify
a vulnerability or a missing patch. Check out the OVAL definitions
if you want to learn what you should do to verify a vulnerability.
