Vulnerability Details : CVE-2011-2428

Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service (browser crash) via unspecified vectors, related to a "logic error issue."
Publish Date : 2011-09-21 Last Update Date : 2012-05-31

Collapse All Expand All Select Select&Copy	Scroll To Vendor Statements(0) Additional Vendor Data(0) OVAL Definitions(0) Vulnerable Products(0) # Of Vulns By Products References(0) Metasploit Modules(0)	Comments View User Comments Add Comment	External Links Secunia Advisories XForce Advisories Vulnerability Details at NVD Vulnerability Details at Mitre Nessus Plugins Linux Kernel Git Repository First CVSS Guide
Related Tweets Even more tweets Search Twitter Search YouTube Search Google

- CVSS Scores & Vulnerability Types

Cvss Score	9.3
Confidentiality Impact	Complete (There is total information disclosure, resulting in all system files being revealed.)
Integrity Impact	Complete (There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised.)
Availability Impact	Complete (There is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.)
Access Complexity	Medium (The access conditions are somewhat specialized. Some preconditions must be satistified to exploit)
Authentication	Not required (Authentication is not required to exploit the vulnerability.)
Gained Access	None
Vulnerability Type(s)	Denial Of ServiceExecute Code
CWE ID	20

- Additional Vendor Supplied Data

Vendor	Impact	CVSS Score	CVSS Vector	Report Date	Publish Date
Redhat	critical	6.8	AV:N/AC:M/Au:N/C:P/I:P/A:P	2011-09-21	2011-09-21

If you are a vendor and you have additional data which can be automatically imported into our database, please contact admin @ cvedetails.com

- Related OVAL Definitions

Title	Definition Id	Family
Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows...	oval:org.mitre.oval:def:13945	windows
Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows...	oval:org.mitre.oval:def:16181	macos
CVE-2011-2428	oval:org.opensuse.security:def:20112428	unix
RHSA-2011:1333: flash-plugin security update (Critical)	oval:com.redhat.rhsa:def:20111333	unix
RHSA-2011:1434: acroread security update (Critical)	oval:com.redhat.rhsa:def:20111434	unix

OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability.

- Products Affected By CVE-2011-2428

#	Product Type	Vendor	Product	Version
1	Application	Adobe	Flash Player	6.0.21.0	Details Vulnerabilities
2	Application	Adobe	Flash Player	6.0.79	Details Vulnerabilities
3	Application	Adobe	Flash Player	7	Details Vulnerabilities
4	Application	Adobe	Flash Player	7.0	Details Vulnerabilities
5	Application	Adobe	Flash Player	7.0.1	Details Vulnerabilities
6	Application	Adobe	Flash Player	7.0.14.0	Details Vulnerabilities
7	Application	Adobe	Flash Player	7.0.19.0	Details Vulnerabilities
8	Application	Adobe	Flash Player	7.0.24.0	Details Vulnerabilities
9	Application	Adobe	Flash Player	7.0.25	Details Vulnerabilities
10	Application	Adobe	Flash Player	7.0.53.0	Details Vulnerabilities
11	Application	Adobe	Flash Player	7.0.60.0	Details Vulnerabilities
12	Application	Adobe	Flash Player	7.0.61.0	Details Vulnerabilities
13	Application	Adobe	Flash Player	7.0.63	Details Vulnerabilities
14	Application	Adobe	Flash Player	7.0.66.0	Details Vulnerabilities
15	Application	Adobe	Flash Player	7.0.67.0	Details Vulnerabilities
16	Application	Adobe	Flash Player	7.0.68.0	Details Vulnerabilities
17	Application	Adobe	Flash Player	7.0.69.0	Details Vulnerabilities
18	Application	Adobe	Flash Player	7.0.70.0	Details Vulnerabilities
19	Application	Adobe	Flash Player	7.0.73.0	Details Vulnerabilities
20	Application	Adobe	Flash Player	7.1	Details Vulnerabilities
21	Application	Adobe	Flash Player	7.1.1	Details Vulnerabilities
22	Application	Adobe	Flash Player	7.2	Details Vulnerabilities
23	Application	Adobe	Flash Player	8	Details Vulnerabilities
24	Application	Adobe	Flash Player	8.0	Details Vulnerabilities
25	Application	Adobe	Flash Player	8.0.22.0	Details Vulnerabilities
26	Application	Adobe	Flash Player	8.0.24.0	Details Vulnerabilities
27	Application	Adobe	Flash Player	8.0.33.0	Details Vulnerabilities
28	Application	Adobe	Flash Player	8.0.34.0	Details Vulnerabilities
29	Application	Adobe	Flash Player	8.0.35.0	Details Vulnerabilities
30	Application	Adobe	Flash Player	8.0.39.0	Details Vulnerabilities
31	Application	Adobe	Flash Player	8.0.42.0	Details Vulnerabilities
32	Application	Adobe	Flash Player	9	Details Vulnerabilities
33	Application	Adobe	Flash Player	9.0.16	Details Vulnerabilities
34	Application	Adobe	Flash Player	9.0.18d60	Details Vulnerabilities
35	Application	Adobe	Flash Player	9.0.20	Details Vulnerabilities
36	Application	Adobe	Flash Player	9.0.20.0	Details Vulnerabilities
37	Application	Adobe	Flash Player	9.0.28	Details Vulnerabilities
38	Application	Adobe	Flash Player	9.0.28.0	Details Vulnerabilities
39	Application	Adobe	Flash Player	9.0.31	Details Vulnerabilities
40	Application	Adobe	Flash Player	9.0.31.0	Details Vulnerabilities
41	Application	Adobe	Flash Player	9.0.45.0	Details Vulnerabilities
42	Application	Adobe	Flash Player	9.0.47.0	Details Vulnerabilities
43	Application	Adobe	Flash Player	9.0.48.0	Details Vulnerabilities
44	Application	Adobe	Flash Player	9.0.112.0	Details Vulnerabilities
45	Application	Adobe	Flash Player	9.0.114.0	Details Vulnerabilities
46	Application	Adobe	Flash Player	9.0.115.0	Details Vulnerabilities
47	Application	Adobe	Flash Player	9.0.124.0	Details Vulnerabilities
48	Application	Adobe	Flash Player	9.0.125.0	Details Vulnerabilities
49	Application	Adobe	Flash Player	9.0.151.0	Details Vulnerabilities
50	Application	Adobe	Flash Player	9.0.152.0	Details Vulnerabilities
51	Application	Adobe	Flash Player	9.0.155.0	Details Vulnerabilities
52	Application	Adobe	Flash Player	9.0.159.0	Details Vulnerabilities
53	Application	Adobe	Flash Player	9.0.246.0	Details Vulnerabilities
54	Application	Adobe	Flash Player	9.0.260.0	Details Vulnerabilities
55	Application	Adobe	Flash Player	9.0.262.0	Details Vulnerabilities
56	Application	Adobe	Flash Player	9.0.277.0	Details Vulnerabilities
57	Application	Adobe	Flash Player	9.0.283.0	Details Vulnerabilities
58	Application	Adobe	Flash Player	9.125.0	Details Vulnerabilities
59	Application	Adobe	Flash Player	10.0.0.584	Details Vulnerabilities
60	Application	Adobe	Flash Player	10.0.12.10	Details Vulnerabilities
61	Application	Adobe	Flash Player	10.0.12.36	Details Vulnerabilities
62	Application	Adobe	Flash Player	10.0.15.3	Details Vulnerabilities
63	Application	Adobe	Flash Player	10.0.22.87	Details Vulnerabilities
64	Application	Adobe	Flash Player	10.0.32.18	Details Vulnerabilities
65	Application	Adobe	Flash Player	10.0.42.34	Details Vulnerabilities
66	Application	Adobe	Flash Player	10.0.45.2	Details Vulnerabilities
67	Application	Adobe	Flash Player	10.1.52.14.1	Details Vulnerabilities
68	Application	Adobe	Flash Player	10.1.52.15	Details Vulnerabilities
69	Application	Adobe	Flash Player	10.1.53.64	Details Vulnerabilities
70	Application	Adobe	Flash Player	10.1.82.76	Details Vulnerabilities
71	Application	Adobe	Flash Player	10.1.85.3	Details Vulnerabilities
72	Application	Adobe	Flash Player	10.1.92.8	Details Vulnerabilities
73	Application	Adobe	Flash Player	10.1.92.10	Details Vulnerabilities
74	Application	Adobe	Flash Player	10.1.95.1	Details Vulnerabilities
75	Application	Adobe	Flash Player	10.1.95.2	Details Vulnerabilities
76	Application	Adobe	Flash Player	10.1.102.64	Details Vulnerabilities
77	Application	Adobe	Flash Player	10.1.105.6	Details Vulnerabilities
78	Application	Adobe	Flash Player	10.1.106.16	Details Vulnerabilities
79	Application	Adobe	Flash Player	10.2.152	Details Vulnerabilities
80	Application	Adobe	Flash Player	10.2.152.32	Details Vulnerabilities
81	Application	Adobe	Flash Player	10.2.152.33	Details Vulnerabilities
82	Application	Adobe	Flash Player	10.2.154.13	Details Vulnerabilities
83	Application	Adobe	Flash Player	10.2.154.25	Details Vulnerabilities
84	Application	Adobe	Flash Player	10.2.156.12	Details Vulnerabilities
85	Application	Adobe	Flash Player	10.2.157.51	Details Vulnerabilities
86	Application	Adobe	Flash Player	10.2.159.1	Details Vulnerabilities
87	Application	Adobe	Flash Player	10.3.181.14	Details Vulnerabilities
88	Application	Adobe	Flash Player	10.3.181.16	Details Vulnerabilities
89	Application	Adobe	Flash Player	10.3.181.23	Details Vulnerabilities
90	Application	Adobe	Flash Player	10.3.181.34	Details Vulnerabilities
91	Application	Adobe	Flash Player	10.3.181.36	Details Vulnerabilities
92	Application	Adobe	Flash Player	10.3.183.5	Details Vulnerabilities
93	Application	Adobe	Flash Player	10.3.183.7	Details Vulnerabilities
94	Application	Adobe	Flash Player	10.3.185.21	Details Vulnerabilities
95	Application	Adobe	Flash Player	10.3.185.23	Details Vulnerabilities
96	Application	Adobe	Flash Player	10.3.185.25	Details Vulnerabilities
97	Application	Adobe	Flash Player	10.3.186.3	Details Vulnerabilities
98	Application	Adobe	Flash Player	10.3.186.6	Details Vulnerabilities

- Number Of Affected Versions By Product

Vendor	Product	Vulnerable Versions
Adobe	Flash Player	98

- References For CVE-2011-2428

http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00025.html
SUSE SUSE-SU-2011:1063

http://www.adobe.com/support/security/bulletins/apsb11-26.html CONFIRM

http://www.redhat.com/support/errata/RHSA-2011-1333.html
REDHAT RHSA-2011:1333

- Vulnerability Conditions

Vulnerability is valid if product versions listed below are used TOGETHER WITH(AND)
Adobe Flash Player 10.3.183.7 Adobe Flash Player 10.3.183.5 Adobe Flash Player 10.3.181.36 Adobe Flash Player 10.3.181.34 Adobe Flash Player 10.3.181.23 Adobe Flash Player 10.3.181.16 Adobe Flash Player 10.3.181.14 Adobe Flash Player 10.2.159.1 Adobe Flash Player 10.2.154.25 Adobe Flash Player 10.2.154.13 Adobe Flash Player 10.2.152.33 Adobe Flash Player 10.2.152.32 Adobe Flash Player 10.2.152 Adobe Flash Player 10.1.92.8 Adobe Flash Player 10.1.82.76 Adobe Flash Player 9.0.47.0 Adobe Flash Player 10.1.95.2 Adobe Flash Player 10.1.85.3 Adobe Flash Player 6.0.79 Adobe Flash Player 10.1.52.15 Adobe Flash Player 10.1.53.64 Adobe Flash Player 9.0.277.0 Adobe Flash Player 7.0.70.0 Adobe Flash Player 8.0.34.0 Adobe Flash Player 6.0.21.0 Adobe Flash Player 7.0.14.0 Adobe Flash Player 7 Adobe Flash Player 7.1.1 Adobe Flash Player 7.0.69.0 Adobe Flash Player 7.0.19.0 Adobe Flash Player 7.2 Adobe Flash Player 7.0.1 Adobe Flash Player 7.0 Adobe Flash Player 7.0.61.0 Adobe Flash Player 7.0.67.0 Adobe Flash Player 7.0.73.0 Adobe Flash Player 7.0.60.0 Adobe Flash Player 7.0.53.0 Adobe Flash Player 7.0.24.0 Adobe Flash Player 9.0.20 Adobe Flash Player 7.0.68.0 Adobe Flash Player 7.1 Adobe Flash Player 7.0.66.0 Adobe Flash Player 8.0.42.0 Adobe Flash Player 9.0.115.0 Adobe Flash Player 9.0.48.0 Adobe Flash Player 7.0.63 Adobe Flash Player 7.0.25 Adobe Flash Player 8.0.35.0 Adobe Flash Player 8.0.39.0 Adobe Flash Player 8.0.33.0 Adobe Flash Player 8.0.22.0 Adobe Flash Player 8 Adobe Flash Player 8.0.24.0 Adobe Flash Player 8.0 Adobe Flash Player 9.0.155.0 Adobe Flash Player 9 Adobe Flash Player 9.0.31 Adobe Flash Player 9.0.159.0 Adobe Flash Player 9.0.124.0 Adobe Flash Player 9.0.31.0 Adobe Flash Player 9.0.283.0 Adobe Flash Player 9.0.20.0 Adobe Flash Player 10.0.22.87 Adobe Flash Player 9.0.28.0 Adobe Flash Player 9.0.262.0 Adobe Flash Player 9.125.0 Adobe Flash Player 9.0.114.0 Adobe Flash Player 9.0.45.0 Adobe Flash Player 9.0.260.0 Adobe Flash Player 9.0.28 Adobe Flash Player 9.0.125.0 Adobe Flash Player 9.0.16 Adobe Flash Player 9.0.18d60 Adobe Flash Player 9.0.151.0 Adobe Flash Player 9.0.152.0 Adobe Flash Player 9.0.246.0 Adobe Flash Player 9.0.112.0 Adobe Flash Player 10.0.45.2 Adobe Flash Player 10.0.42.34 Adobe Flash Player 10.0.0.584 Adobe Flash Player 10.0.12.10 Adobe Flash Player 10.0.32.18 Adobe Flash Player 10.0.12.36 Adobe Flash Player 10.0.15.3 Adobe Flash Player 10.1.92.10 Adobe Flash Player 10.1.102.64 Adobe Flash Player 10.1.52.14.1 Adobe Flash Player 10.1.95.1	Apple Mac Os X Linux Linux Kernel Microsoft Windows SUN Sunos
Vulnerability is valid if product versions listed below are used TOGETHER WITH(AND)
Adobe Flash Player 10.3.186.3 Adobe Flash Player 10.3.186.6 Adobe Flash Player 10.3.185.25 Adobe Flash Player 10.3.185.23 Adobe Flash Player 10.3.185.21 Adobe Flash Player 10.2.157.51 Adobe Flash Player 10.2.156.12 Adobe Flash Player 10.1.106.16 Adobe Flash Player 10.1.105.6 Adobe Flash Player 10.1.95.2 Adobe Flash Player 10.1.92.10 Adobe Flash Player 10.1.92.8	Google Android

- Metasploit Modules Related To CVE-2011-2428

There are not any metasploit modules related to this vulnerability (Please visit www.metasploit.com for more information)