cvelistv5 - cve-2011-2115

CVE-2011-2115 (GCVE-0-2011-2115)

Vulnerability from cvelistv5 – Published: 2011-06-16 23:00 – Updated: 2024-08-06 22:53

Summary

IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116.

Severity ?

No CVSS data available.

CWE

Assigner

adobe

References

URL

Tags

	http://labs.idefense.com/intelligence/vulnerabili…	third-party-advisoryx_refsource_IDEFENSE
	http://www.adobe.com/support/security/bulletins/a…	x_refsource_CONFIRM
	http://www.us-cert.gov/cas/techalerts/TA11-166A.html	third-party-advisoryx_refsource_CERT

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:53:16.826Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20110614 Adobe Shockwave Cursor Asset tSAC Chunk Integer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=919"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-17.html"
          },
          {
            "name": "TA11-166A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-07-20T09:00:00",
        "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "shortName": "adobe"
      },
      "references": [
        {
          "name": "20110614 Adobe Shockwave Cursor Asset tSAC Chunk Integer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=919"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.adobe.com/support/security/bulletins/apsb11-17.html"
        },
        {
          "name": "TA11-166A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@adobe.com",
          "ID": "CVE-2011-2115",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20110614 Adobe Shockwave Cursor Asset tSAC Chunk Integer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=919"
            },
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb11-17.html",
              "refsource": "CONFIRM",
              "url": "http://www.adobe.com/support/security/bulletins/apsb11-17.html"
            },
            {
              "name": "TA11-166A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
    "assignerShortName": "adobe",
    "cveId": "CVE-2011-2115",
    "datePublished": "2011-06-16T23:00:00",
    "dateReserved": "2011-05-13T00:00:00",
    "dateUpdated": "2024-08-06T22:53:16.826Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"11.5.9.620\", \"matchCriteriaId\": \"37A6F040-3CE3-456A-95CA-319EC6704284\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA5643BC-12F8-4F05-A363-9FC97EF1DD0F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"085FA7DD-8048-4768-816C-82828022FCF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0DC258D-1C2B-4A7F-AD80-6C88A7A78A5D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"966A8542-E5E1-468F-989E-47F71123A426\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DC1BCC0-B24B-4CFC-B3B9-FA3B0D968CC1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFFDAAB3-CC22-4604-80B3-4A54CCEFD29E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A77F1733-6755-44E7-8ECC-CFB397FC79A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:8.0.196:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9282EC1A-DFDB-49A9-8BE1-013D9B494D99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:8.0.196a:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C4A8422D-39E4-490C-B3EC-FED7468D6B4D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:8.0.204:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88A75AF4-F7BA-4CA4-8079-5D9794E1BD45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:8.0.205:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"712325E1-B37A-4994-B42E-F02553A3CB9C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC55CB2C-4DBC-4D16-96A7-FB3316A21D51\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:8.5.1.100:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FADB5808-5F9A-4FBD-A6FC-3DB17A6C6CF8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:8.5.1.103:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFC415B5-F7C8-4277-A4A3-ECFA2CB38515\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:8.5.1.105:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3454FF46-3D72-4FF9-AF5B-2E948DA412D7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:8.5.1.106:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E4726504-850B-4434-A149-09000D21F917\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:8.5.321:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6D89450-C92C-4541-917B-AD047803A2AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:8.5.323:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"798EB26B-14D6-4E90-AC84-FF47B89B82E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:8.5.324:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA562619-7FAA-4FA6-AE42-55801AF00D9C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:8.5.325:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA961FB2-C543-4A1C-9C9E-C56641EB13FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17F5982F-35BD-49A0-9DBE-774816136D57\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:9.0.383:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56D23F59-4939-4ABE-A5BC-283BFC362E45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:9.0.432:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE1DB962-10C6-4536-B693-4AF59F0C4D94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:10.0.0.210:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA60B4FB-2BA4-4304-A7B8-8F0676C4F022\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:10.0.1.004:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7D6B993-1CF8-4944-8456-B99A72F24814\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D18289BB-6568-4671-BC70-C8744DD2E0C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:10.1.0.011:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD29AACC-E101-494B-BFD4-D97FDBE4A584\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:10.1.1.016:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3F52120E-9CAB-40D9-A577-5D8278139F50\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:10.1.4.020:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AAB05A7D-3017-4589-AE5C-B1A377AF02B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:10.2.0.021:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58C665F7-E05D-4A8C-B217-6689C95D3FF8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:10.2.0.022:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8441B2BB-3837-4EDE-B44E-323B434CBF56\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:10.2.0.023:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2007F032-06BA-4347-9D9E-2C7C4C9BBCD0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF19CBB1-F047-4472-A19D-48A147396383\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:11.0.3.471:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C51EB3CF-6770-4626-BDA7-9ED94A374911\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C61B9485-2A42-4C95-9A10-3F1102E4EBBD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"79FEEF7E-B477-485A-B9BC-98F6D1A2B10B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E4FE4A01-9357-46D9-9BCB-DF2B4DECD9B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B9506D5-D8CA-4845-B2FA-0E47C9BB3C1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:11.5.6.606:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9FBAFFFF-D658-45F0-AF14-BA29AA2D5394\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:11.5.7.609:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7BFB28F3-ADA5-4BD1-9723-73FA291307BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:11.5.8.612:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9760A554-1D44-4249-97DE-8423A97BA9FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:shockwave_player:11.5.9.615:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0EA1988-B297-43B3-B53C-605180CD5F8A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116.\"}, {\"lang\": \"es\", \"value\": \"En la biblioteca IML32.dll en Adobe Shockwave Player anterior a versi\\u00f3n 11.6.0.626, permite a los atacantes remotos ejecutar c\\u00f3digo arbitrario o causar una denegaci\\u00f3n de servicio (corrupci\\u00f3n de memoria) por medio de un fragmento tSAC especialmente dise\\u00f1ado, lo que desencadena un desbordamiento de b\\u00fafer en la regi\\u00f3n heap de la memoria, una vulnerabilidad diferente de CVE-2011 -2111 y CVE-2011-2116.\"}]",
      "id": "CVE-2011-2115",
      "lastModified": "2024-11-21T01:27:37.370",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2011-06-16T23:55:02.293",
      "references": "[{\"url\": \"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=919\", \"source\": \"psirt@adobe.com\"}, {\"url\": \"http://www.adobe.com/support/security/bulletins/apsb11-17.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA11-166A.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=919\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.adobe.com/support/security/bulletins/apsb11-17.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA11-166A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}]",
      "sourceIdentifier": "psirt@adobe.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2011-2115\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2011-06-16T23:55:02.293\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116.\"},{\"lang\":\"es\",\"value\":\"En la biblioteca IML32.dll en Adobe Shockwave Player anterior a versi\u00f3n 11.6.0.626, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) por medio de un fragmento tSAC especialmente dise\u00f1ado, lo que desencadena un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria, una vulnerabilidad diferente de CVE-2011 -2111 y CVE-2011-2116.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"11.5.9.620\",\"matchCriteriaId\":\"37A6F040-3CE3-456A-95CA-319EC6704284\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA5643BC-12F8-4F05-A363-9FC97EF1DD0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"085FA7DD-8048-4768-816C-82828022FCF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0DC258D-1C2B-4A7F-AD80-6C88A7A78A5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"966A8542-E5E1-468F-989E-47F71123A426\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DC1BCC0-B24B-4CFC-B3B9-FA3B0D968CC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFFDAAB3-CC22-4604-80B3-4A54CCEFD29E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A77F1733-6755-44E7-8ECC-CFB397FC79A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:8.0.196:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9282EC1A-DFDB-49A9-8BE1-013D9B494D99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:8.0.196a:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4A8422D-39E4-490C-B3EC-FED7468D6B4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:8.0.204:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88A75AF4-F7BA-4CA4-8079-5D9794E1BD45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:8.0.205:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"712325E1-B37A-4994-B42E-F02553A3CB9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC55CB2C-4DBC-4D16-96A7-FB3316A21D51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:8.5.1.100:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FADB5808-5F9A-4FBD-A6FC-3DB17A6C6CF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:8.5.1.103:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFC415B5-F7C8-4277-A4A3-ECFA2CB38515\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:8.5.1.105:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3454FF46-3D72-4FF9-AF5B-2E948DA412D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:8.5.1.106:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4726504-850B-4434-A149-09000D21F917\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:8.5.321:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6D89450-C92C-4541-917B-AD047803A2AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:8.5.323:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"798EB26B-14D6-4E90-AC84-FF47B89B82E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:8.5.324:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA562619-7FAA-4FA6-AE42-55801AF00D9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:8.5.325:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA961FB2-C543-4A1C-9C9E-C56641EB13FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17F5982F-35BD-49A0-9DBE-774816136D57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:9.0.383:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56D23F59-4939-4ABE-A5BC-283BFC362E45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:9.0.432:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE1DB962-10C6-4536-B693-4AF59F0C4D94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:10.0.0.210:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA60B4FB-2BA4-4304-A7B8-8F0676C4F022\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:10.0.1.004:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7D6B993-1CF8-4944-8456-B99A72F24814\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D18289BB-6568-4671-BC70-C8744DD2E0C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:10.1.0.011:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD29AACC-E101-494B-BFD4-D97FDBE4A584\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:10.1.1.016:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F52120E-9CAB-40D9-A577-5D8278139F50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:10.1.4.020:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAB05A7D-3017-4589-AE5C-B1A377AF02B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:10.2.0.021:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58C665F7-E05D-4A8C-B217-6689C95D3FF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:10.2.0.022:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8441B2BB-3837-4EDE-B44E-323B434CBF56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:10.2.0.023:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2007F032-06BA-4347-9D9E-2C7C4C9BBCD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF19CBB1-F047-4472-A19D-48A147396383\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:11.0.3.471:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C51EB3CF-6770-4626-BDA7-9ED94A374911\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C61B9485-2A42-4C95-9A10-3F1102E4EBBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79FEEF7E-B477-485A-B9BC-98F6D1A2B10B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4FE4A01-9357-46D9-9BCB-DF2B4DECD9B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B9506D5-D8CA-4845-B2FA-0E47C9BB3C1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:11.5.6.606:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FBAFFFF-D658-45F0-AF14-BA29AA2D5394\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:11.5.7.609:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BFB28F3-ADA5-4BD1-9723-73FA291307BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:11.5.8.612:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9760A554-1D44-4249-97DE-8423A97BA9FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:shockwave_player:11.5.9.615:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0EA1988-B297-43B3-B53C-605180CD5F8A\"}]}]}],\"references\":[{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=919\",\"source\":\"psirt@adobe.com\"},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb11-17.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA11-166A.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=919\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb11-17.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA11-166A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]}]}}"
  }
}

CERTA-2011-AVI-343

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités permettant une exécution de code arbitraire à distance ont été corrigées dans Adobe Shockwave Player.

Description

Des vulnérabilités critiques ont été identifiées dans Adobe Shockwave Player. Elles permettent à un utilisateur malveillant d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

La version 11.6.0.626 corrige ces vulnérabilités.

Adobe Shockwave Player versions 11.5.9.620 et antérieures pour Windows et Macintosh.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin Adobe APSB11-17 du 14 juin 2011	None	vendor-advisory
Bulletin de sécurité Adobe apsb11-17 du 14 juin 2011 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eAdobe Shockwave Player versions  11.5.9.620 et ant\u00e9rieures pour Windows et Macintosh.\u003c/p\u003e",
  "content": "## Description\n\nDes vuln\u00e9rabilit\u00e9s critiques ont \u00e9t\u00e9 identifi\u00e9es dans Adobe Shockwave\nPlayer. Elles permettent \u00e0 un utilisateur malveillant d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n\nLa version 11.6.0.626 corrige ces vuln\u00e9rabilit\u00e9s.\n",
  "cves": [
    {
      "name": "CVE-2011-2115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2115"
    },
    {
      "name": "CVE-2011-2124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2124"
    },
    {
      "name": "CVE-2011-2116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2116"
    },
    {
      "name": "CVE-2011-2114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2114"
    },
    {
      "name": "CVE-2011-2113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2113"
    },
    {
      "name": "CVE-2011-2118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2118"
    },
    {
      "name": "CVE-2011-2126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2126"
    },
    {
      "name": "CVE-2011-2123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2123"
    },
    {
      "name": "CVE-2011-0318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0318"
    },
    {
      "name": "CVE-2011-2108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2108"
    },
    {
      "name": "CVE-2011-0317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0317"
    },
    {
      "name": "CVE-2011-2121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2121"
    },
    {
      "name": "CVE-2011-2122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2122"
    },
    {
      "name": "CVE-2011-2111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2111"
    },
    {
      "name": "CVE-2011-0319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0319"
    },
    {
      "name": "CVE-2011-2127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2127"
    },
    {
      "name": "CVE-2011-2119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2119"
    },
    {
      "name": "CVE-2011-0335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0335"
    },
    {
      "name": "CVE-2011-2120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2120"
    },
    {
      "name": "CVE-2011-0320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0320"
    },
    {
      "name": "CVE-2011-2109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2109"
    },
    {
      "name": "CVE-2011-2125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2125"
    },
    {
      "name": "CVE-2011-2112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2112"
    },
    {
      "name": "CVE-2011-2117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2117"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb11-17 du 14 juin 2011 :",
      "url": "http://www.adobe.com/support/security/bulletins/apsb11-17.html"
    }
  ],
  "reference": "CERTA-2011-AVI-343",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-06-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s permettant une ex\u00e9cution de code arbitraire\n\u00e0 distance ont \u00e9t\u00e9 corrig\u00e9es dans Adobe Shockwave Player.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Shockwave Player",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin Adobe APSB11-17 du 14 juin 2011",
      "url": null
    }
  ]
}

CERTA-2011-AVI-343

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités permettant une exécution de code arbitraire à distance ont été corrigées dans Adobe Shockwave Player.

Description

Des vulnérabilités critiques ont été identifiées dans Adobe Shockwave Player. Elles permettent à un utilisateur malveillant d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

La version 11.6.0.626 corrige ces vulnérabilités.

Adobe Shockwave Player versions 11.5.9.620 et antérieures pour Windows et Macintosh.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin Adobe APSB11-17 du 14 juin 2011	None	vendor-advisory
Bulletin de sécurité Adobe apsb11-17 du 14 juin 2011 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eAdobe Shockwave Player versions  11.5.9.620 et ant\u00e9rieures pour Windows et Macintosh.\u003c/p\u003e",
  "content": "## Description\n\nDes vuln\u00e9rabilit\u00e9s critiques ont \u00e9t\u00e9 identifi\u00e9es dans Adobe Shockwave\nPlayer. Elles permettent \u00e0 un utilisateur malveillant d\u0027ex\u00e9cuter du code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n\nLa version 11.6.0.626 corrige ces vuln\u00e9rabilit\u00e9s.\n",
  "cves": [
    {
      "name": "CVE-2011-2115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2115"
    },
    {
      "name": "CVE-2011-2124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2124"
    },
    {
      "name": "CVE-2011-2116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2116"
    },
    {
      "name": "CVE-2011-2114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2114"
    },
    {
      "name": "CVE-2011-2113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2113"
    },
    {
      "name": "CVE-2011-2118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2118"
    },
    {
      "name": "CVE-2011-2126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2126"
    },
    {
      "name": "CVE-2011-2123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2123"
    },
    {
      "name": "CVE-2011-0318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0318"
    },
    {
      "name": "CVE-2011-2108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2108"
    },
    {
      "name": "CVE-2011-0317",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0317"
    },
    {
      "name": "CVE-2011-2121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2121"
    },
    {
      "name": "CVE-2011-2122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2122"
    },
    {
      "name": "CVE-2011-2111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2111"
    },
    {
      "name": "CVE-2011-0319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0319"
    },
    {
      "name": "CVE-2011-2127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2127"
    },
    {
      "name": "CVE-2011-2119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2119"
    },
    {
      "name": "CVE-2011-0335",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0335"
    },
    {
      "name": "CVE-2011-2120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2120"
    },
    {
      "name": "CVE-2011-0320",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0320"
    },
    {
      "name": "CVE-2011-2109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2109"
    },
    {
      "name": "CVE-2011-2125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2125"
    },
    {
      "name": "CVE-2011-2112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2112"
    },
    {
      "name": "CVE-2011-2117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2117"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Adobe apsb11-17 du 14 juin 2011 :",
      "url": "http://www.adobe.com/support/security/bulletins/apsb11-17.html"
    }
  ],
  "reference": "CERTA-2011-AVI-343",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-06-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s permettant une ex\u00e9cution de code arbitraire\n\u00e0 distance ont \u00e9t\u00e9 corrig\u00e9es dans Adobe Shockwave Player.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Shockwave Player",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin Adobe APSB11-17 du 14 juin 2011",
      "url": null
    }
  ]
}

GSD-2011-2115

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2011-2115

Aliases

CVE-2011-2115

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2011-2115",
    "description": "IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116.",
    "id": "GSD-2011-2115"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2011-2115"
      ],
      "details": "IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116.",
      "id": "GSD-2011-2115",
      "modified": "2023-12-13T01:19:06.901186Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@adobe.com",
        "ID": "CVE-2011-2115",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20110614 Adobe Shockwave Cursor Asset tSAC Chunk Integer Overflow Vulnerability",
            "refsource": "IDEFENSE",
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=919"
          },
          {
            "name": "http://www.adobe.com/support/security/bulletins/apsb11-17.html",
            "refsource": "CONFIRM",
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-17.html"
          },
          {
            "name": "TA11-166A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.5.6.606:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.5.7.609:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:8.5.1.100:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:8.5.323:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:8.5.1.106:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:8.5.1.105:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:8.5.1.103:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:8.5.324:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:8.0.204:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.0.3.471:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:10.2.0.023:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:10.2.0.022:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:10.2.0.021:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:10.1.4.020:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.5.9.615:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "11.5.9.620",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:8.5.321:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:8.0.196:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:9.0.432:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:10.1.0.011:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:10.0.0.210:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:11.5.8.612:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:8.0.205:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:9.0.383:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:8.5.325:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:8.0.196a:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:10.1.1.016:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:adobe:shockwave_player:10.0.1.004:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@adobe.com",
          "ID": "CVE-2011-2115"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb11-17.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.adobe.com/support/security/bulletins/apsb11-17.html"
            },
            {
              "name": "20110614 Adobe Shockwave Cursor Asset tSAC Chunk Integer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "tags": [],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=919"
            },
            {
              "name": "TA11-166A",
              "refsource": "CERT",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2011-10-12T04:00Z",
      "publishedDate": "2011-06-16T23:55Z"
    }
  }
}

GHSA-4J6W-68G9-8X9H

Vulnerability from github – Published: 2022-05-17 05:37 – Updated: 2022-05-17 05:37

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2011-2115"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-06-16T23:55:00Z",
    "severity": "HIGH"
  },
  "details": "IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116.",
  "id": "GHSA-4j6w-68g9-8x9h",
  "modified": "2022-05-17T05:37:49Z",
  "published": "2022-05-17T05:37:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2115"
    },
    {
      "type": "WEB",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=919"
    },
    {
      "type": "WEB",
      "url": "http://www.adobe.com/support/security/bulletins/apsb11-17.html"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2011-2115

Vulnerability from fkie_nvd - Published: 2011-06-16 23:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
psirt@adobe.com	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=919
psirt@adobe.com	http://www.adobe.com/support/security/bulletins/apsb11-17.html	Patch, Vendor Advisory
psirt@adobe.com	http://www.us-cert.gov/cas/techalerts/TA11-166A.html	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=919
af854a3a-2127-422b-91ae-364da2661108	http://www.adobe.com/support/security/bulletins/apsb11-17.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA11-166A.html	US Government Resource

Impacted products

Vendor	Product	Version
adobe	shockwave_player	*
adobe	shockwave_player	1.0
adobe	shockwave_player	2.0
adobe	shockwave_player	3.0
adobe	shockwave_player	4.0
adobe	shockwave_player	5.0
adobe	shockwave_player	6.0
adobe	shockwave_player	8.0
adobe	shockwave_player	8.0.196
adobe	shockwave_player	8.0.196a
adobe	shockwave_player	8.0.204
adobe	shockwave_player	8.0.205
adobe	shockwave_player	8.5.1
adobe	shockwave_player	8.5.1.100
adobe	shockwave_player	8.5.1.103
adobe	shockwave_player	8.5.1.105
adobe	shockwave_player	8.5.1.106
adobe	shockwave_player	8.5.321
adobe	shockwave_player	8.5.323
adobe	shockwave_player	8.5.324
adobe	shockwave_player	8.5.325
adobe	shockwave_player	9
adobe	shockwave_player	9.0.383
adobe	shockwave_player	9.0.432
adobe	shockwave_player	10.0.0.210
adobe	shockwave_player	10.0.1.004
adobe	shockwave_player	10.1.0.11
adobe	shockwave_player	10.1.0.011
adobe	shockwave_player	10.1.1.016
adobe	shockwave_player	10.1.4.020
adobe	shockwave_player	10.2.0.021
adobe	shockwave_player	10.2.0.022
adobe	shockwave_player	10.2.0.023
adobe	shockwave_player	11.0.0.456
adobe	shockwave_player	11.0.3.471
adobe	shockwave_player	11.5.0.595
adobe	shockwave_player	11.5.0.596
adobe	shockwave_player	11.5.1.601
adobe	shockwave_player	11.5.2.602
adobe	shockwave_player	11.5.6.606
adobe	shockwave_player	11.5.7.609
adobe	shockwave_player	11.5.8.612
adobe	shockwave_player	11.5.9.615

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37A6F040-3CE3-456A-95CA-319EC6704284",
              "versionEndIncluding": "11.5.9.620",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA5643BC-12F8-4F05-A363-9FC97EF1DD0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "085FA7DD-8048-4768-816C-82828022FCF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0DC258D-1C2B-4A7F-AD80-6C88A7A78A5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "966A8542-E5E1-468F-989E-47F71123A426",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DC1BCC0-B24B-4CFC-B3B9-FA3B0D968CC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFFDAAB3-CC22-4604-80B3-4A54CCEFD29E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A77F1733-6755-44E7-8ECC-CFB397FC79A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:8.0.196:*:*:*:*:*:*:*",
              "matchCriteriaId": "9282EC1A-DFDB-49A9-8BE1-013D9B494D99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:8.0.196a:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4A8422D-39E4-490C-B3EC-FED7468D6B4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:8.0.204:*:*:*:*:*:*:*",
              "matchCriteriaId": "88A75AF4-F7BA-4CA4-8079-5D9794E1BD45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:8.0.205:*:*:*:*:*:*:*",
              "matchCriteriaId": "712325E1-B37A-4994-B42E-F02553A3CB9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC55CB2C-4DBC-4D16-96A7-FB3316A21D51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.1.100:*:*:*:*:*:*:*",
              "matchCriteriaId": "FADB5808-5F9A-4FBD-A6FC-3DB17A6C6CF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.1.103:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFC415B5-F7C8-4277-A4A3-ECFA2CB38515",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.1.105:*:*:*:*:*:*:*",
              "matchCriteriaId": "3454FF46-3D72-4FF9-AF5B-2E948DA412D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.1.106:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4726504-850B-4434-A149-09000D21F917",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.321:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6D89450-C92C-4541-917B-AD047803A2AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.323:*:*:*:*:*:*:*",
              "matchCriteriaId": "798EB26B-14D6-4E90-AC84-FF47B89B82E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.324:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA562619-7FAA-4FA6-AE42-55801AF00D9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:8.5.325:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA961FB2-C543-4A1C-9C9E-C56641EB13FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F5982F-35BD-49A0-9DBE-774816136D57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:9.0.383:*:*:*:*:*:*:*",
              "matchCriteriaId": "56D23F59-4939-4ABE-A5BC-283BFC362E45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:9.0.432:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE1DB962-10C6-4536-B693-4AF59F0C4D94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:10.0.0.210:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA60B4FB-2BA4-4304-A7B8-8F0676C4F022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:10.0.1.004:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7D6B993-1CF8-4944-8456-B99A72F24814",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "D18289BB-6568-4671-BC70-C8744DD2E0C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:10.1.0.011:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD29AACC-E101-494B-BFD4-D97FDBE4A584",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:10.1.1.016:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F52120E-9CAB-40D9-A577-5D8278139F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:10.1.4.020:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAB05A7D-3017-4589-AE5C-B1A377AF02B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:10.2.0.021:*:*:*:*:*:*:*",
              "matchCriteriaId": "58C665F7-E05D-4A8C-B217-6689C95D3FF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:10.2.0.022:*:*:*:*:*:*:*",
              "matchCriteriaId": "8441B2BB-3837-4EDE-B44E-323B434CBF56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:10.2.0.023:*:*:*:*:*:*:*",
              "matchCriteriaId": "2007F032-06BA-4347-9D9E-2C7C4C9BBCD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF19CBB1-F047-4472-A19D-48A147396383",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:11.0.3.471:*:*:*:*:*:*:*",
              "matchCriteriaId": "C51EB3CF-6770-4626-BDA7-9ED94A374911",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*",
              "matchCriteriaId": "C61B9485-2A42-4C95-9A10-3F1102E4EBBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*",
              "matchCriteriaId": "79FEEF7E-B477-485A-B9BC-98F6D1A2B10B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4FE4A01-9357-46D9-9BCB-DF2B4DECD9B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B9506D5-D8CA-4845-B2FA-0E47C9BB3C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.6.606:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FBAFFFF-D658-45F0-AF14-BA29AA2D5394",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.7.609:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BFB28F3-ADA5-4BD1-9723-73FA291307BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.8.612:*:*:*:*:*:*:*",
              "matchCriteriaId": "9760A554-1D44-4249-97DE-8423A97BA9FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:adobe:shockwave_player:11.5.9.615:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0EA1988-B297-43B3-B53C-605180CD5F8A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116."
    },
    {
      "lang": "es",
      "value": "En la biblioteca IML32.dll en Adobe Shockwave Player anterior a versi\u00f3n 11.6.0.626, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) por medio de un fragmento tSAC especialmente dise\u00f1ado, lo que desencadena un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria, una vulnerabilidad diferente de CVE-2011 -2111 y CVE-2011-2116."
    }
  ],
  "id": "CVE-2011-2115",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2011-06-16T23:55:02.293",
  "references": [
    {
      "source": "psirt@adobe.com",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=919"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.adobe.com/support/security/bulletins/apsb11-17.html"
    },
    {
      "source": "psirt@adobe.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=919"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.adobe.com/support/security/bulletins/apsb11-17.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA11-166A.html"
    }
  ],
  "sourceIdentifier": "psirt@adobe.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2011-2115 (GCVE-0-2011-2115)

CERTA-2011-AVI-343

Description

Solution

CERTA-2011-AVI-343

Description

Solution

GSD-2011-2115

GHSA-4J6W-68G9-8X9H

FKIE_CVE-2011-2115

Tags

Sightings

Nomenclature