Vulnerability Details : CVE-2011-0611
Public exploit exists!
Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a "group of included constants," object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011.
Vulnerability category: Execute codeDenial of service
Products affected by CVE-2011-0611
- cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
CVE-2011-0611 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Adobe Flash Player Remote Code Execution Vulnerability
CISA required action:
The impacted product is end-of-life and should be disconnected if still in use.
CISA description:
Adobe Flash Player contains a vulnerability that allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content.
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2011-0611
Added on
2022-03-03
Action due date
2022-03-24
Exploit prediction scoring system (EPSS) score for CVE-2011-0611
95.34%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2011-0611
-
Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability
Disclosure Date: 2011-04-11First seen: 2020-04-26exploit/windows/browser/adobe_flashplayer_flash10oThis module exploits a vulnerability in Adobe Flash Player that was discovered, and has been exploited actively in the wild. By embedding a specially crafted .swf file, Adobe Flash crashes due to an invalid use of an object type, which allows attackers to overwrit
CVSS scores for CVE-2011-0611
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST | |
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2024-07-03 |
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST | 2024-02-02 |
CWE ids for CVE-2011-0611
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
-
The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.Assigned by:
- 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2011-0611
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/66681
Adobe Flash Player .swf and .doc code execution CVE-2011-0611 Vulnerability ReportThird Party Advisory;VDB Entry
-
http://www.vupen.com/english/advisories/2011/0923
Webmail | OVH- OVHBroken Link;Vendor Advisory
-
http://www.vupen.com/english/advisories/2011/0922
Webmail | OVH- OVHBroken Link;Vendor Advisory
-
http://securityreason.com/securityalert/8292
Adobe Reader X Atom Type Confusion Vulnerability Exploit - CXSecurity.comThird Party Advisory
-
http://contagiodump.blogspot.com/2011/04/apr-8-cve-2011-0611-flash-player-zero.html
contagio: Apr. 8 CVE-2011-0611 Flash Player Zero day - SWF in DOC/ XLS - Disentangling Industrial Policy..Exploit;Issue Tracking
-
http://www.adobe.com/support/security/bulletins/apsb11-08.html
Adobe-Security Bulletins: APSB11-08 - Security update available for Adobe Reader and AcrobatBroken Link;Vendor Advisory
-
http://www.securitytracker.com/id?1025325
Adobe Acrobat/Reader 'Authplay.dll' Flaw Lets Remote Users Execute Arbitrary Code - SecurityTrackerBroken Link;Third Party Advisory;VDB Entry
-
http://www.securitytracker.com/id?1025324
Adobe Flash Player Flaw Lets Remote Users Execute Arbitrary Code - SecurityTrackerBroken Link;Third Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00004.html
[security-announce] SUSE Security Announcement: flash-player (SUSE-SA:20Mailing List;Patch
-
http://www.adobe.com/support/security/bulletins/apsb11-07.html
Adobe - Security Bulletins: APSB11-07 - Security update available for Adobe Flash PlayerBroken Link;Vendor Advisory
-
http://www.vupen.com/english/advisories/2011/0924
Webmail | OVH- OVHBroken Link;Vendor Advisory
-
http://bugix-security.blogspot.com/2011/04/cve-2011-0611-adobe-flash-zero-day.html
BugiX - Security Research: CVE-2011-0611 Adobe Flash Zero Day embeded in DOCExploit
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14175
Repository / Oval RepositoryBroken Link
-
http://secunia.com/advisories/44149
Sign inBroken Link;Vendor Advisory
-
http://www.securityfocus.com/bid/47314
Adobe Flash Player CVE-2011-0611 'SWF' File Remote Memory Corruption VulnerabilityBroken Link;Third Party Advisory;VDB Entry
-
http://www.exploit-db.com/exploits/17175
Adobe Flash Player 10.2.153.1 - SWF Memory Corruption (Metasploit) - Windows remote ExploitExploit;Third Party Advisory;VDB Entry
-
http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html
Chrome Releases: Stable Channel UpdateRelease Notes
-
http://blogs.technet.com/b/mmpc/archive/2011/04/12/analysis-of-the-cve-2011-0611-adobe-flash-player-vulnerability-exploitation.aspx
Page not found - Microsoft SecurityNot Applicable
-
http://www.adobe.com/support/security/advisories/apsa11-02.html
Adobe - Security Advisories: APSA11-02 - Security Advisory for Adobe Flash Player, Adobe Reader and AcrobatBroken Link;Vendor Advisory
-
http://www.redhat.com/support/errata/RHSA-2011-0451.html
SupportBroken Link;Vendor Advisory
-
http://secunia.com/advisories/44141
Sign inBroken Link;Vendor Advisory
-
http://secunia.com/advisories/44119
Sign inBroken Link;Vendor Advisory
-
http://secunia.com/blog/210/
About Secunia Research | FlexeraBroken Link;Vendor Advisory
-
http://www.kb.cert.org/vuls/id/230057
VU#230057 - Adobe Flash Player contains unspecified code execution vulnerabilityBroken Link;Third Party Advisory;US Government Resource
-
http://securityreason.com/securityalert/8204
Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability - CXSecurity.comThird Party Advisory
Jump to