Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2011-2459 (GCVE-0-2011-2459)
Vulnerability from cvelistv5 – Published: 2011-11-11 16:00 – Updated: 2024-08-06 23:00
VLAI?
EPSS
Summary
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:00:33.910Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:13904",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13904"
},
{
"name": "openSUSE-SU-2011:1240",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00014.html"
},
{
"name": "SUSE-SA:2011:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00019.html"
},
{
"name": "SUSE-SU-2011:1244",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00017.html"
},
{
"name": "oval:org.mitre.oval:def:15756",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15756"
},
{
"name": "GLSA-201204-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-07.xml"
},
{
"name": "RHSA-2011:1445",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1445.html"
},
{
"name": "48819",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48819"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "oval:org.mitre.oval:def:13904",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13904"
},
{
"name": "openSUSE-SU-2011:1240",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00014.html"
},
{
"name": "SUSE-SA:2011:043",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00019.html"
},
{
"name": "SUSE-SU-2011:1244",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00017.html"
},
{
"name": "oval:org.mitre.oval:def:15756",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15756"
},
{
"name": "GLSA-201204-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-07.xml"
},
{
"name": "RHSA-2011:1445",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1445.html"
},
{
"name": "48819",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48819"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-2459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:13904",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13904"
},
{
"name": "openSUSE-SU-2011:1240",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00014.html"
},
{
"name": "SUSE-SA:2011:043",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00019.html"
},
{
"name": "SUSE-SU-2011:1244",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00017.html"
},
{
"name": "oval:org.mitre.oval:def:15756",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15756"
},
{
"name": "GLSA-201204-07",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201204-07.xml"
},
{
"name": "RHSA-2011:1445",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1445.html"
},
{
"name": "48819",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48819"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2011-2459",
"datePublished": "2011-11-11T16:00:00",
"dateReserved": "2011-06-06T00:00:00",
"dateUpdated": "2024-08-06T23:00:33.910Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0\", \"versionEndExcluding\": \"10.3.183.11\", \"matchCriteriaId\": \"FCBEA236-C603-4130-9AD5-CAAA2634B98A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.0\", \"versionEndExcluding\": \"11.1.102.55\", \"matchCriteriaId\": \"59FFB9C3-5A5B-4BD7-B364-FB602F218B60\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:sun:solaris:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"76B8E33C-4346-4318-B461-3C9547372C67\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.0\", \"versionEndExcluding\": \"11.1.102.59\", \"matchCriteriaId\": \"AF0EB8A3-D75B-4C37-9648-2E2CC1E5751F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.0\", \"versionEndExcluding\": \"3.1.0.4880\", \"matchCriteriaId\": \"FBFF69EA-E70F-499C-8D0D-672B093A0032\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460.\"}, {\"lang\": \"es\", \"value\": \"Adobe Flash Player anterior a v10.3.183.11 ybv11.x anteriores a v11.1.102.55 en Windows, Mac OS X, Linux, y Solaris y anteriores a v11.1.102.59 en Android, y Adobe AIR anterior a v3.1.0.4880, permite a atacantes ejecutar c\\u00f3digo arbitrario o causar una denegaci\\u00f3n de servicio (corrupci\\u00f3n de memoria ) a trav\\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455 y CVE-2011-2460.\"}]",
"id": "CVE-2011-2459",
"lastModified": "2024-11-21T01:28:19.557",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2011-11-11T16:55:01.660",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00014.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00017.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00019.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/48819\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-201204-07.xml\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.adobe.com/support/security/bulletins/apsb11-28.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-1445.html\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13904\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15756\", \"source\": \"psirt@adobe.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00014.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00017.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00019.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/48819\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://security.gentoo.org/glsa/glsa-201204-07.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.adobe.com/support/security/bulletins/apsb11-28.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.redhat.com/support/errata/RHSA-2011-1445.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13904\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15756\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2011-2459\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2011-11-11T16:55:01.660\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460.\"},{\"lang\":\"es\",\"value\":\"Adobe Flash Player anterior a v10.3.183.11 ybv11.x anteriores a v11.1.102.55 en Windows, Mac OS X, Linux, y Solaris y anteriores a v11.1.102.59 en Android, y Adobe AIR anterior a v3.1.0.4880, permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria ) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455 y CVE-2011-2460.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0\",\"versionEndExcluding\":\"10.3.183.11\",\"matchCriteriaId\":\"FCBEA236-C603-4130-9AD5-CAAA2634B98A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0\",\"versionEndExcluding\":\"11.1.102.55\",\"matchCriteriaId\":\"59FFB9C3-5A5B-4BD7-B364-FB602F218B60\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4781BF1E-8A4E-4AFF-9540-23D523EE30DD\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:sun:solaris:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76B8E33C-4346-4318-B461-3C9547372C67\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0\",\"versionEndExcluding\":\"11.1.102.59\",\"matchCriteriaId\":\"AF0EB8A3-D75B-4C37-9648-2E2CC1E5751F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0\",\"versionEndExcluding\":\"3.1.0.4880\",\"matchCriteriaId\":\"FBFF69EA-E70F-499C-8D0D-672B093A0032\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00014.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00017.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00019.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48819\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201204-07.xml\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb11-28.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1445.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13904\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15756\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00014.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00019.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/48819\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201204-07.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.adobe.com/support/security/bulletins/apsb11-28.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2011-1445.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13904\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15756\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
GHSA-VV8G-VFCP-X6QC
Vulnerability from github – Published: 2022-05-14 01:55 – Updated: 2022-05-14 01:55
VLAI?
Details
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460.
{
"affected": [],
"aliases": [
"CVE-2011-2459"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2011-11-11T16:55:00Z",
"severity": "HIGH"
},
"details": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460.",
"id": "GHSA-vv8g-vfcp-x6qc",
"modified": "2022-05-14T01:55:28Z",
"published": "2022-05-14T01:55:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2459"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13904"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15756"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00014.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00017.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00019.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/48819"
},
{
"type": "WEB",
"url": "http://security.gentoo.org/glsa/glsa-201204-07.xml"
},
{
"type": "WEB",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1445.html"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2011-2459
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2011-2459",
"description": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460.",
"id": "GSD-2011-2459",
"references": [
"https://www.suse.com/security/cve/CVE-2011-2459.html",
"https://access.redhat.com/errata/RHSA-2011:1445"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2011-2459"
],
"details": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460.",
"id": "GSD-2011-2459",
"modified": "2023-12-13T01:19:07.246930Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-2459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:13904",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13904"
},
{
"name": "openSUSE-SU-2011:1240",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00014.html"
},
{
"name": "SUSE-SA:2011:043",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00019.html"
},
{
"name": "SUSE-SU-2011:1244",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00017.html"
},
{
"name": "oval:org.mitre.oval:def:15756",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15756"
},
{
"name": "GLSA-201204-07",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201204-07.xml"
},
{
"name": "RHSA-2011:1445",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1445.html"
},
{
"name": "48819",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48819"
},
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"refsource": "CONFIRM",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.3.183.11",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.102.55",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.1.102.59",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.1.0.4880",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2011-2459"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
},
{
"name": "SUSE-SA:2011:043",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00019.html"
},
{
"name": "SUSE-SU-2011:1244",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00017.html"
},
{
"name": "RHSA-2011:1445",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1445.html"
},
{
"name": "openSUSE-SU-2011:1240",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00014.html"
},
{
"name": "GLSA-201204-07",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-07.xml"
},
{
"name": "48819",
"refsource": "SECUNIA",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/48819"
},
{
"name": "oval:org.mitre.oval:def:15756",
"refsource": "OVAL",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15756"
},
{
"name": "oval:org.mitre.oval:def:13904",
"refsource": "OVAL",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13904"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2018-11-29T15:38Z",
"publishedDate": "2011-11-11T16:55Z"
}
}
}
FKIE_CVE-2011-2459
Vulnerability from fkie_nvd - Published: 2011-11-11 16:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | flash_player | * | |
| adobe | flash_player | * | |
| apple | mac_os_x | - | |
| linux | linux_kernel | - | |
| microsoft | windows | - | |
| sun | solaris | - | |
| adobe | flash_player | * | |
| android | - | ||
| adobe | adobe_air | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FCBEA236-C603-4130-9AD5-CAAA2634B98A",
"versionEndExcluding": "10.3.183.11",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59FFB9C3-5A5B-4BD7-B364-FB602F218B60",
"versionEndExcluding": "11.1.102.55",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:sun:solaris:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76B8E33C-4346-4318-B461-3C9547372C67",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0EB8A3-D75B-4C37-9648-2E2CC1E5751F",
"versionEndExcluding": "11.1.102.59",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBFF69EA-E70F-499C-8D0D-672B093A0032",
"versionEndExcluding": "3.1.0.4880",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460."
},
{
"lang": "es",
"value": "Adobe Flash Player anterior a v10.3.183.11 ybv11.x anteriores a v11.1.102.55 en Windows, Mac OS X, Linux, y Solaris y anteriores a v11.1.102.59 en Android, y Adobe AIR anterior a v3.1.0.4880, permite a atacantes ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria ) a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455 y CVE-2011-2460."
}
],
"id": "CVE-2011-2459",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-11-11T16:55:01.660",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00014.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00017.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00019.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/48819"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-07.xml"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1445.html"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13904"
},
{
"source": "psirt@adobe.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/48819"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201204-07.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1445.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13904"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15756"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTA-2012-AVI-241
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans HP SIM (Systems Insight Manager). Trois systèmes d'exploitation sont concernés, HP-UX, Linux et Windows. Les vulnérabilités sont de différentes natures, exécution de code arbitraire à distance, accès non autorisés, injection de requêtes illégitimes par rebond (CSRF), redirection d'URL, contournement d'authentification et déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "HP-UX.B.11.23 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "HP-UX.B.11.31.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-2134",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2134"
},
{
"name": "CVE-2010-4476",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4476"
},
{
"name": "CVE-2011-2135",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2135"
},
{
"name": "CVE-2011-3558",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3558"
},
{
"name": "CVE-2012-1994",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1994"
},
{
"name": "CVE-2010-4470",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4470"
},
{
"name": "CVE-2011-3556",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3556"
},
{
"name": "CVE-2012-1999",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1999"
},
{
"name": "CVE-2012-1995",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1995"
},
{
"name": "CVE-2011-2414",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2414"
},
{
"name": "CVE-2011-0864",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0864"
},
{
"name": "CVE-2011-0868",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0868"
},
{
"name": "CVE-2011-2456",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2456"
},
{
"name": "CVE-2011-2450",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2450"
},
{
"name": "CVE-2011-0611",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0611"
},
{
"name": "CVE-2011-2429",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2429"
},
{
"name": "CVE-2011-2430",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2430"
},
{
"name": "CVE-2011-2415",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2415"
},
{
"name": "CVE-2011-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2426"
},
{
"name": "CVE-2011-0866",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0866"
},
{
"name": "CVE-2011-2137",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2137"
},
{
"name": "CVE-2011-2458",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2458"
},
{
"name": "CVE-2011-2140",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2140"
},
{
"name": "CVE-2011-2425",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2425"
},
{
"name": "CVE-2011-2457",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2457"
},
{
"name": "CVE-2011-0871",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0871"
},
{
"name": "CVE-2011-2461",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2461"
},
{
"name": "CVE-2011-0786",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0786"
},
{
"name": "CVE-2009-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
},
{
"name": "CVE-2011-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0802"
},
{
"name": "CVE-2011-2459",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2459"
},
{
"name": "CVE-2010-2227",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2227"
},
{
"name": "CVE-2011-2092",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2092"
},
{
"name": "CVE-2012-1996",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1996"
},
{
"name": "CVE-2011-2427",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2427"
},
{
"name": "CVE-2011-2428",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2428"
},
{
"name": "CVE-2011-0862",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0862"
},
{
"name": "CVE-2011-2139",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2139"
},
{
"name": "CVE-2011-2138",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2138"
},
{
"name": "CVE-2011-2451",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2451"
},
{
"name": "CVE-2011-2136",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2136"
},
{
"name": "CVE-2011-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0865"
},
{
"name": "CVE-2011-2460",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2460"
},
{
"name": "CVE-2011-2416",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2416"
},
{
"name": "CVE-2011-0815",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0815"
},
{
"name": "CVE-2011-0817",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0817"
},
{
"name": "CVE-2011-0863",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0863"
},
{
"name": "CVE-2011-0873",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0873"
},
{
"name": "CVE-2011-0814",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0814"
},
{
"name": "CVE-2011-0788",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0788"
},
{
"name": "CVE-2011-0869",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0869"
},
{
"name": "CVE-2011-2130",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2130"
},
{
"name": "CVE-2012-1997",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1997"
},
{
"name": "CVE-2011-3557",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3557"
},
{
"name": "CVE-2011-2453",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2453"
},
{
"name": "CVE-2011-0867",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0867"
},
{
"name": "CVE-2011-2093",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2093"
},
{
"name": "CVE-2011-2452",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2452"
},
{
"name": "CVE-2011-2454",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2454"
},
{
"name": "CVE-2011-2455",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2455"
},
{
"name": "CVE-2011-2417",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2417"
},
{
"name": "CVE-2011-2445",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2445"
},
{
"name": "CVE-2011-0872",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0872"
},
{
"name": "CVE-2012-1998",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1998"
},
{
"name": "CVE-2011-2444",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2444"
}
],
"links": [],
"reference": "CERTA-2012-AVI-241",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-05-02T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eHP SIM (Systems Insight Manager)\u003c/span\u003e. Trois syst\u00e8mes\nd\u0027exploitation sont concern\u00e9s, HP-UX, Linux et Windows. Les\nvuln\u00e9rabilit\u00e9s sont de diff\u00e9rentes natures, ex\u00e9cution de code arbitraire\n\u00e0 distance, acc\u00e8s non autoris\u00e9s, injection de requ\u00eates ill\u00e9gitimes par\nrebond (CSRF), redirection d\u0027URL, contournement d\u0027authentification et\nd\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans HP SIM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 HP c03298151 du 30 avril 2012",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03298151"
}
]
}
CERTA-2011-AVI-630
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités dans Adobe Flash Player permettent l'exécution de code arbitraire à distance.
Description
De multiples vulnérabilités ont été découvertes dans Adobe Flash Player. Celles-ci, non détaillées par l'éditeur, permettent l'exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Adobe Flash Player versions 11.0.1.152 et ant\u00e9rieures pour Windows, Macintosh, Linux et Solaris ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Flash Player versions 11.0.1.153 et ant\u00e9rieures pour Android.",
"product": {
"name": "N/A",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Adobe Flash Player.\nCelles-ci, non d\u00e9taill\u00e9es par l\u0027\u00e9diteur, permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-2456",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2456"
},
{
"name": "CVE-2011-2450",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2450"
},
{
"name": "CVE-2011-2458",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2458"
},
{
"name": "CVE-2011-2457",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2457"
},
{
"name": "CVE-2011-2459",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2459"
},
{
"name": "CVE-2011-2451",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2451"
},
{
"name": "CVE-2011-2460",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2460"
},
{
"name": "CVE-2011-2453",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2453"
},
{
"name": "CVE-2011-2452",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2452"
},
{
"name": "CVE-2011-2454",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2454"
},
{
"name": "CVE-2011-2455",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2455"
},
{
"name": "CVE-2011-2445",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2445"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Oracle du 07 f\u00e9vrier 2012 : http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flash_player4",
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer4"
}
],
"reference": "CERTA-2011-AVI-630",
"revisions": [
{
"description": "version initiale ;",
"revision_date": "2011-11-14T00:00:00.000000"
},
{
"description": "ajout du bulletin Oracle.",
"revision_date": "2012-02-09T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s dans \u003cspan class=\"textit\"\u003eAdobe Flash\nPlayer\u003c/span\u003e permettent l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Flash Player",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB11-28 du 10 novembre 2011",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
]
}
CERTA-2011-AVI-642
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Google Chrome. Elles permettent notamment l'exécution de code à distance ou le contournement de la politique de sécurité.
Description
De multiples vulnérabilités ont été corrigées dans Google Chrome. Elles permettent notamment l'exécution de code à distance ou le contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Google Chrome versions ant\u00e9rieures \u00e0 15.0.874.120.",
"product": {
"name": "Chrome",
"vendor": {
"name": "Google",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Google Chrome. Elles\npermettent notamment l\u0027ex\u00e9cution de code \u00e0 distance ou le contournement\nde la politique de s\u00e9curit\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-3892",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3892"
},
{
"name": "CVE-2011-2456",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2456"
},
{
"name": "CVE-2011-2450",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2450"
},
{
"name": "CVE-2011-3896",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3896"
},
{
"name": "CVE-2011-2458",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2458"
},
{
"name": "CVE-2011-2457",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2457"
},
{
"name": "CVE-2011-3895",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3895"
},
{
"name": "CVE-2011-3894",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3894"
},
{
"name": "CVE-2011-2459",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2459"
},
{
"name": "CVE-2011-2451",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2451"
},
{
"name": "CVE-2011-2460",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2460"
},
{
"name": "CVE-2011-2453",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2453"
},
{
"name": "CVE-2011-2452",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2452"
},
{
"name": "CVE-2011-3898",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3898"
},
{
"name": "CVE-2011-2454",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2454"
},
{
"name": "CVE-2011-2455",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2455"
},
{
"name": "CVE-2011-2445",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2445"
},
{
"name": "CVE-2011-3893",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3893"
},
{
"name": "CVE-2011-3897",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3897"
}
],
"links": [
{
"title": "Note de version Google Chrome 2011/11/stable-channel-update du 10 novembre 2011 :",
"url": "http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html"
}
],
"reference": "CERTA-2011-AVI-642",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-11-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eGoogle Chrome\u003c/span\u003e. Elles permettent notamment\nl\u0027ex\u00e9cution de code \u00e0 distance ou le contournement de la politique de\ns\u00e9curit\u00e9.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans Google Chrome",
"vendor_advisories": [
{
"published_at": null,
"title": "Notes de version Google Chrome du 10 Novembre 2011",
"url": null
}
]
}
CERTA-2011-AVI-642
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Google Chrome. Elles permettent notamment l'exécution de code à distance ou le contournement de la politique de sécurité.
Description
De multiples vulnérabilités ont été corrigées dans Google Chrome. Elles permettent notamment l'exécution de code à distance ou le contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Google Chrome versions ant\u00e9rieures \u00e0 15.0.874.120.",
"product": {
"name": "Chrome",
"vendor": {
"name": "Google",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Google Chrome. Elles\npermettent notamment l\u0027ex\u00e9cution de code \u00e0 distance ou le contournement\nde la politique de s\u00e9curit\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-3892",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3892"
},
{
"name": "CVE-2011-2456",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2456"
},
{
"name": "CVE-2011-2450",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2450"
},
{
"name": "CVE-2011-3896",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3896"
},
{
"name": "CVE-2011-2458",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2458"
},
{
"name": "CVE-2011-2457",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2457"
},
{
"name": "CVE-2011-3895",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3895"
},
{
"name": "CVE-2011-3894",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3894"
},
{
"name": "CVE-2011-2459",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2459"
},
{
"name": "CVE-2011-2451",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2451"
},
{
"name": "CVE-2011-2460",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2460"
},
{
"name": "CVE-2011-2453",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2453"
},
{
"name": "CVE-2011-2452",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2452"
},
{
"name": "CVE-2011-3898",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3898"
},
{
"name": "CVE-2011-2454",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2454"
},
{
"name": "CVE-2011-2455",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2455"
},
{
"name": "CVE-2011-2445",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2445"
},
{
"name": "CVE-2011-3893",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3893"
},
{
"name": "CVE-2011-3897",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3897"
}
],
"links": [
{
"title": "Note de version Google Chrome 2011/11/stable-channel-update du 10 novembre 2011 :",
"url": "http://googlechromereleases.blogspot.com/2011/11/stable-channel-update.html"
}
],
"reference": "CERTA-2011-AVI-642",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-11-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eGoogle Chrome\u003c/span\u003e. Elles permettent notamment\nl\u0027ex\u00e9cution de code \u00e0 distance ou le contournement de la politique de\ns\u00e9curit\u00e9.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans Google Chrome",
"vendor_advisories": [
{
"published_at": null,
"title": "Notes de version Google Chrome du 10 Novembre 2011",
"url": null
}
]
}
CERTA-2012-AVI-241
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans HP SIM (Systems Insight Manager). Trois systèmes d'exploitation sont concernés, HP-UX, Linux et Windows. Les vulnérabilités sont de différentes natures, exécution de code arbitraire à distance, accès non autorisés, injection de requêtes illégitimes par rebond (CSRF), redirection d'URL, contournement d'authentification et déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "HP-UX.B.11.23 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "HP-UX.B.11.31.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-2134",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2134"
},
{
"name": "CVE-2010-4476",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4476"
},
{
"name": "CVE-2011-2135",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2135"
},
{
"name": "CVE-2011-3558",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3558"
},
{
"name": "CVE-2012-1994",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1994"
},
{
"name": "CVE-2010-4470",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4470"
},
{
"name": "CVE-2011-3556",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3556"
},
{
"name": "CVE-2012-1999",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1999"
},
{
"name": "CVE-2012-1995",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1995"
},
{
"name": "CVE-2011-2414",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2414"
},
{
"name": "CVE-2011-0864",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0864"
},
{
"name": "CVE-2011-0868",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0868"
},
{
"name": "CVE-2011-2456",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2456"
},
{
"name": "CVE-2011-2450",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2450"
},
{
"name": "CVE-2011-0611",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0611"
},
{
"name": "CVE-2011-2429",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2429"
},
{
"name": "CVE-2011-2430",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2430"
},
{
"name": "CVE-2011-2415",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2415"
},
{
"name": "CVE-2011-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2426"
},
{
"name": "CVE-2011-0866",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0866"
},
{
"name": "CVE-2011-2137",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2137"
},
{
"name": "CVE-2011-2458",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2458"
},
{
"name": "CVE-2011-2140",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2140"
},
{
"name": "CVE-2011-2425",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2425"
},
{
"name": "CVE-2011-2457",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2457"
},
{
"name": "CVE-2011-0871",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0871"
},
{
"name": "CVE-2011-2461",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2461"
},
{
"name": "CVE-2011-0786",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0786"
},
{
"name": "CVE-2009-3555",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3555"
},
{
"name": "CVE-2011-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0802"
},
{
"name": "CVE-2011-2459",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2459"
},
{
"name": "CVE-2010-2227",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2227"
},
{
"name": "CVE-2011-2092",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2092"
},
{
"name": "CVE-2012-1996",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1996"
},
{
"name": "CVE-2011-2427",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2427"
},
{
"name": "CVE-2011-2428",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2428"
},
{
"name": "CVE-2011-0862",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0862"
},
{
"name": "CVE-2011-2139",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2139"
},
{
"name": "CVE-2011-2138",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2138"
},
{
"name": "CVE-2011-2451",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2451"
},
{
"name": "CVE-2011-2136",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2136"
},
{
"name": "CVE-2011-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0865"
},
{
"name": "CVE-2011-2460",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2460"
},
{
"name": "CVE-2011-2416",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2416"
},
{
"name": "CVE-2011-0815",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0815"
},
{
"name": "CVE-2011-0817",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0817"
},
{
"name": "CVE-2011-0863",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0863"
},
{
"name": "CVE-2011-0873",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0873"
},
{
"name": "CVE-2011-0814",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0814"
},
{
"name": "CVE-2011-0788",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0788"
},
{
"name": "CVE-2011-0869",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0869"
},
{
"name": "CVE-2011-2130",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2130"
},
{
"name": "CVE-2012-1997",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1997"
},
{
"name": "CVE-2011-3557",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3557"
},
{
"name": "CVE-2011-2453",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2453"
},
{
"name": "CVE-2011-0867",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0867"
},
{
"name": "CVE-2011-2093",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2093"
},
{
"name": "CVE-2011-2452",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2452"
},
{
"name": "CVE-2011-2454",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2454"
},
{
"name": "CVE-2011-2455",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2455"
},
{
"name": "CVE-2011-2417",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2417"
},
{
"name": "CVE-2011-2445",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2445"
},
{
"name": "CVE-2011-0872",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0872"
},
{
"name": "CVE-2012-1998",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1998"
},
{
"name": "CVE-2011-2444",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2444"
}
],
"links": [],
"reference": "CERTA-2012-AVI-241",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2012-05-02T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eHP SIM (Systems Insight Manager)\u003c/span\u003e. Trois syst\u00e8mes\nd\u0027exploitation sont concern\u00e9s, HP-UX, Linux et Windows. Les\nvuln\u00e9rabilit\u00e9s sont de diff\u00e9rentes natures, ex\u00e9cution de code arbitraire\n\u00e0 distance, acc\u00e8s non autoris\u00e9s, injection de requ\u00eates ill\u00e9gitimes par\nrebond (CSRF), redirection d\u0027URL, contournement d\u0027authentification et\nd\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans HP SIM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 HP c03298151 du 30 avril 2012",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03298151"
}
]
}
CERTA-2011-AVI-630
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités dans Adobe Flash Player permettent l'exécution de code arbitraire à distance.
Description
De multiples vulnérabilités ont été découvertes dans Adobe Flash Player. Celles-ci, non détaillées par l'éditeur, permettent l'exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Adobe Flash Player versions 11.0.1.152 et ant\u00e9rieures pour Windows, Macintosh, Linux et Solaris ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Adobe",
"scada": false
}
}
},
{
"description": "Adobe Flash Player versions 11.0.1.153 et ant\u00e9rieures pour Android.",
"product": {
"name": "N/A",
"vendor": {
"name": "Adobe",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Adobe Flash Player.\nCelles-ci, non d\u00e9taill\u00e9es par l\u0027\u00e9diteur, permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-2456",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2456"
},
{
"name": "CVE-2011-2450",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2450"
},
{
"name": "CVE-2011-2458",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2458"
},
{
"name": "CVE-2011-2457",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2457"
},
{
"name": "CVE-2011-2459",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2459"
},
{
"name": "CVE-2011-2451",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2451"
},
{
"name": "CVE-2011-2460",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2460"
},
{
"name": "CVE-2011-2453",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2453"
},
{
"name": "CVE-2011-2452",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2452"
},
{
"name": "CVE-2011-2454",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2454"
},
{
"name": "CVE-2011-2455",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2455"
},
{
"name": "CVE-2011-2445",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2445"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Oracle du 07 f\u00e9vrier 2012 : http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flash_player4",
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer4"
}
],
"reference": "CERTA-2011-AVI-630",
"revisions": [
{
"description": "version initiale ;",
"revision_date": "2011-11-14T00:00:00.000000"
},
{
"description": "ajout du bulletin Oracle.",
"revision_date": "2012-02-09T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s dans \u003cspan class=\"textit\"\u003eAdobe Flash\nPlayer\u003c/span\u003e permettent l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Adobe Flash Player",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Adobe APSB11-28 du 10 novembre 2011",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
]
}
RHSA-2011:1445
Vulnerability from csaf_redhat - Published: 2011-11-11 11:47 - Updated: 2025-11-21 17:39Summary
Red Hat Security Advisory: flash-plugin security update
Notes
Topic
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in.
This update fixes multiple vulnerabilities in Adobe Flash Player. These
vulnerabilities are detailed on the Adobe security page APSB11-28, listed
in the References section.
Multiple security flaws were found in the way flash-plugin displayed
certain SWF content. An attacker could use these flaws to create a
specially-crafted SWF file that would cause flash-plugin to crash or,
potentially, execute arbitrary code when the victim loaded a page
containing the specially-crafted SWF content. (CVE-2011-2445,
CVE-2011-2450, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454,
CVE-2011-2455, CVE-2011-2456, CVE-2011-2457, CVE-2011-2459, CVE-2011-2460)
All users of Adobe Flash Player should install this updated package, which
upgrades Flash Player to version 10.3.183.11.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in.\n\nThis update fixes multiple vulnerabilities in Adobe Flash Player. These\nvulnerabilities are detailed on the Adobe security page APSB11-28, listed\nin the References section.\n\nMultiple security flaws were found in the way flash-plugin displayed\ncertain SWF content. An attacker could use these flaws to create a\nspecially-crafted SWF file that would cause flash-plugin to crash or,\npotentially, execute arbitrary code when the victim loaded a page\ncontaining the specially-crafted SWF content. (CVE-2011-2445,\nCVE-2011-2450, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454,\nCVE-2011-2455, CVE-2011-2456, CVE-2011-2457, CVE-2011-2459, CVE-2011-2460)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 10.3.183.11.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2011:1445",
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
},
{
"category": "external",
"summary": "752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_1445.json"
}
],
"title": "Red Hat Security Advisory: flash-plugin security update",
"tracking": {
"current_release_date": "2025-11-21T17:39:13+00:00",
"generator": {
"date": "2025-11-21T17:39:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2011:1445",
"initial_release_date": "2011-11-11T11:47:00+00:00",
"revision_history": [
{
"date": "2011-11-11T11:47:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2011-11-11T11:53:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:39:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "flash-plugin-0:10.3.183.11-1.el5.i386",
"product": {
"name": "flash-plugin-0:10.3.183.11-1.el5.i386",
"product_id": "flash-plugin-0:10.3.183.11-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flash-plugin@10.3.183.11-1.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "flash-plugin-0:10.3.183.11-1.el6.i686",
"product": {
"name": "flash-plugin-0:10.3.183.11-1.el6.i686",
"product_id": "flash-plugin-0:10.3.183.11-1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flash-plugin@10.3.183.11-1.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "flash-plugin-0:10.3.183.11-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386"
},
"product_reference": "flash-plugin-0:10.3.183.11-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flash-plugin-0:10.3.183.11-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386"
},
"product_reference": "flash-plugin-0:10.3.183.11-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flash-plugin-0:10.3.183.11-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
},
"product_reference": "flash-plugin-0:10.3.183.11-1.el6.i686",
"relates_to_product_reference": "6Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flash-plugin-0:10.3.183.11-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
},
"product_reference": "flash-plugin-0:10.3.183.11-1.el6.i686",
"relates_to_product_reference": "6Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flash-plugin-0:10.3.183.11-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
},
"product_reference": "flash-plugin-0:10.3.183.11-1.el6.i686",
"relates_to_product_reference": "6Workstation-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2011-2445",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2445"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2445",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2445"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2445",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2445"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2450",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2450"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2450",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2450"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2450",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2450"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2451",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2451"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2451",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2451"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2451",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2451"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2452",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2452"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2452",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2452"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2452",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2452"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2453",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2453"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2453",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2453"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2453",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2453"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2454",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2454"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2454",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2454"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2454",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2454"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2455",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2459, and CVE-2011-2460.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2455"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2455",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2455"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2455",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2455"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2456",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2456"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2456",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2456"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2456",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2456"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2457",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2457"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2457",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2457"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2457",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2457"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2459",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2459"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2459",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2459"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2460",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2459.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2460"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2460",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2460"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2460",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2460"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
}
]
}
RHSA-2011_1445
Vulnerability from csaf_redhat - Published: 2011-11-11 11:47 - Updated: 2024-11-14 11:30Summary
Red Hat Security Advisory: flash-plugin security update
Notes
Topic
An updated Adobe Flash Player package that fixes multiple security issues
is now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in.
This update fixes multiple vulnerabilities in Adobe Flash Player. These
vulnerabilities are detailed on the Adobe security page APSB11-28, listed
in the References section.
Multiple security flaws were found in the way flash-plugin displayed
certain SWF content. An attacker could use these flaws to create a
specially-crafted SWF file that would cause flash-plugin to crash or,
potentially, execute arbitrary code when the victim loaded a page
containing the specially-crafted SWF content. (CVE-2011-2445,
CVE-2011-2450, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454,
CVE-2011-2455, CVE-2011-2456, CVE-2011-2457, CVE-2011-2459, CVE-2011-2460)
All users of Adobe Flash Player should install this updated package, which
upgrades Flash Player to version 10.3.183.11.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated Adobe Flash Player package that fixes multiple security issues\nis now available for Red Hat Enterprise Linux 5 and 6 Supplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash\nPlayer web browser plug-in.\n\nThis update fixes multiple vulnerabilities in Adobe Flash Player. These\nvulnerabilities are detailed on the Adobe security page APSB11-28, listed\nin the References section.\n\nMultiple security flaws were found in the way flash-plugin displayed\ncertain SWF content. An attacker could use these flaws to create a\nspecially-crafted SWF file that would cause flash-plugin to crash or,\npotentially, execute arbitrary code when the victim loaded a page\ncontaining the specially-crafted SWF content. (CVE-2011-2445,\nCVE-2011-2450, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454,\nCVE-2011-2455, CVE-2011-2456, CVE-2011-2457, CVE-2011-2459, CVE-2011-2460)\n\nAll users of Adobe Flash Player should install this updated package, which\nupgrades Flash Player to version 10.3.183.11.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2011:1445",
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
},
{
"category": "external",
"summary": "752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2011/rhsa-2011_1445.json"
}
],
"title": "Red Hat Security Advisory: flash-plugin security update",
"tracking": {
"current_release_date": "2024-11-14T11:30:30+00:00",
"generator": {
"date": "2024-11-14T11:30:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2011:1445",
"initial_release_date": "2011-11-11T11:47:00+00:00",
"revision_history": [
{
"date": "2011-11-11T11:47:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2011-11-11T11:53:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T11:30:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "flash-plugin-0:10.3.183.11-1.el5.i386",
"product": {
"name": "flash-plugin-0:10.3.183.11-1.el5.i386",
"product_id": "flash-plugin-0:10.3.183.11-1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flash-plugin@10.3.183.11-1.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "flash-plugin-0:10.3.183.11-1.el6.i686",
"product": {
"name": "flash-plugin-0:10.3.183.11-1.el6.i686",
"product_id": "flash-plugin-0:10.3.183.11-1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/flash-plugin@10.3.183.11-1.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "flash-plugin-0:10.3.183.11-1.el5.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)",
"product_id": "5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386"
},
"product_reference": "flash-plugin-0:10.3.183.11-1.el5.i386",
"relates_to_product_reference": "5Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flash-plugin-0:10.3.183.11-1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)",
"product_id": "5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386"
},
"product_reference": "flash-plugin-0:10.3.183.11-1.el5.i386",
"relates_to_product_reference": "5Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flash-plugin-0:10.3.183.11-1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
},
"product_reference": "flash-plugin-0:10.3.183.11-1.el6.i686",
"relates_to_product_reference": "6Client-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flash-plugin-0:10.3.183.11-1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
},
"product_reference": "flash-plugin-0:10.3.183.11-1.el6.i686",
"relates_to_product_reference": "6Server-Supplementary"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "flash-plugin-0:10.3.183.11-1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
},
"product_reference": "flash-plugin-0:10.3.183.11-1.el6.i686",
"relates_to_product_reference": "6Workstation-Supplementary"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2011-2445",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2445"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2445",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2445"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2445",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2445"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2450",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2450"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2450",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2450"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2450",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2450"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2451",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2451"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2451",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2451"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2451",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2451"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2452",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2452"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2452",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2452"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2452",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2452"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2453",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2454, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2453"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2453",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2453"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2453",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2453"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2454",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2455, CVE-2011-2459, and CVE-2011-2460.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2454"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2454",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2454"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2454",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2454"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2455",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2459, and CVE-2011-2460.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2455"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2455",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2455"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2455",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2455"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2456",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2456"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2456",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2456"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2456",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2456"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2457",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2457"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2457",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2457"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2457",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2457"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2459",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2460.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2459"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2459",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2459"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
},
{
"cve": "CVE-2011-2460",
"discovery_date": "2011-11-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "752983"
}
],
"notes": [
{
"category": "description",
"text": "Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2445, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, and CVE-2011-2459.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flash-plugin: mulitple code execution flaws (APSB11-28)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2011-2460"
},
{
"category": "external",
"summary": "RHBZ#752983",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=752983"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2011-2460",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2460"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2011-2460",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2460"
},
{
"category": "external",
"summary": "http://www.adobe.com/support/security/bulletins/apsb11-28.html",
"url": "http://www.adobe.com/support/security/bulletins/apsb11-28.html"
}
],
"release_date": "2011-11-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2011-11-11T11:47:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259",
"product_ids": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2011:1445"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Client-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"5Server-Supplementary:flash-plugin-0:10.3.183.11-1.el5.i386",
"6Client-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Server-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686",
"6Workstation-Supplementary:flash-plugin-0:10.3.183.11-1.el6.i686"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flash-plugin: mulitple code execution flaws (APSB11-28)"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…