CVE-2011-0609

{"id": "CVE-2011-0609", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2011-03-15T17:55:03.827", "references": [{"url": "http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html", "tags": ["Broken Link"], "source": "psirt@adobe.com"}, {"url": "http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.html", "tags": ["Third Party Advisory"], "source": "psirt@adobe.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "psirt@adobe.com"}, {"url": "http://secunia.com/advisories/43751", "tags": ["Broken Link"], "source": "psirt@adobe.com"}, {"url": "http://secunia.com/advisories/43757", "tags": ["Broken Link"], "source": "psirt@adobe.com"}, {"url": "http://secunia.com/advisories/43772", "tags": ["Broken Link"], "source": "psirt@adobe.com"}, {"url": "http://secunia.com/advisories/43856", "tags": ["Broken Link"], "source": "psirt@adobe.com"}, {"url": "http://securityreason.com/securityalert/8152", "tags": ["Broken Link"], "source": "psirt@adobe.com"}, {"url": "http://www.adobe.com/support/security/advisories/apsa11-01.html", "tags": ["Vendor Advisory"], "source": "psirt@adobe.com"}, {"url": "http://www.adobe.com/support/security/bulletins/apsb11-06.html", "tags": ["Not Applicable"], "source": "psirt@adobe.com"}, {"url": "http://www.kb.cert.org/vuls/id/192052", "tags": ["Third Party Advisory", "US Government Resource"], "source": "psirt@adobe.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2011-0372.html", "tags": ["Broken Link"], "source": "psirt@adobe.com"}, {"url": "http://www.securityfocus.com/bid/46860", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "psirt@adobe.com"}, {"url": "http://www.securitytracker.com/id?1025210", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "psirt@adobe.com"}, {"url": "http://www.securitytracker.com/id?1025211", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "psirt@adobe.com"}, {"url": "http://www.securitytracker.com/id?1025238", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "psirt@adobe.com"}, {"url": "http://www.vupen.com/english/advisories/2011/0655", "tags": ["Broken Link"], "source": "psirt@adobe.com"}, {"url": "http://www.vupen.com/english/advisories/2011/0656", "tags": ["Broken Link"], "source": "psirt@adobe.com"}, {"url": "http://www.vupen.com/english/advisories/2011/0688", "tags": ["Broken Link"], "source": "psirt@adobe.com"}, {"url": "http://www.vupen.com/english/advisories/2011/0732", "tags": ["Broken Link"], "source": "psirt@adobe.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66078", "tags": ["Third Party Advisory", "VDB Entry"], "source": "psirt@adobe.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14147", "tags": ["Broken Link"], "source": "psirt@adobe.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en Adobe Flash Player 10.2.154.13 y versiones anteriores en Windows, Mac OS X, Linux y Solaris, y 10.1.106.16 y anteriores en Android, y Authplay.dll (AuthPlayLib.bundle) de Adobe Reader y Acrobat 9.x hasta 9.4.2 y 10.x hasta 10.0.1 en Windows y Mac OS X. Permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de contenido Flash modificado, como se ha demostrado con un fichero .swf embebido en una hoja de c\u00e1lculo Excel. Se ha explotado en Internet en Marzo del 2011."}], "lastModified": "2024-06-28T14:20:56.560", "cisaActionDue": "2022-06-22", "cisaExploitAdd": "2022-06-08", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CE70003-27CE-4189-8F09-E8E25168BDC2", "versionEndIncluding": "10.2.154.13"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}, {"criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "91F372EA-3A78-4703-A457-751B2C98D796"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6F057DF-F6F8-4D20-B32C-930CD93347C6", "versionEndIncluding": "10.1.106.16"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3842B12-98F1-47D5-8EC2-F76BB6737D2D", "versionEndIncluding": "9.4.2", "versionStartIncluding": "9.0"}, {"criteria": "cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B57C5136-7853-478B-A342-6013528B41B4"}, {"criteria": "cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC1E1EE7-379E-4047-962D-0A311EB0DB1A"}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6EAD79A-9A1B-4EF4-9DC8-50FB4EF97718", "versionEndIncluding": "9.4.2", "versionStartIncluding": "9.0"}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9731EFE2-A5BE-4389-A92D-DDC573633B6C"}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:10.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9B4B357-27C7-4926-936C-A100A7AD538B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD"}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3EA2B712-1B02-4BBA-A46C-00858320FD25", "versionEndIncluding": "2.5.1"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95"}, {"criteria": "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5646FDE9-CF21-46A9-B89D-F5BBDB4249AF"}, {"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise:10.0:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1193A7E6-DCB4-4E79-A509-1D6948153A57"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise:11.0:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4500161F-13A0-4369-B93A-778B34E7F005"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3EC8CA74-41F7-4449-8FAA-5B181E198529", "versionEndExcluding": "10.0.648.134"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"}, {"criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@adobe.com", "cisaRequiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "cisaVulnerabilityName": "Adobe Flash Player Unspecified Vulnerability"}