Skip to navigation

CVE Database

CVE-2011-2417

Impact: Critical
Public: 2011-08-09
Bugzilla: 729497: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
IAVA: 2012-B-0048

Details

The MITRE CVE dictionary describes this issue as:

Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2135, CVE-2011-2140, and CVE-2011-2425.

Find out more about CVE-2011-2417 from the MITRE CVE dictionary and NIST NVD.

CVSS v2 metrics

Base Score: 6.8
Base Metrics: AV:N/AC:M/Au:N/C:P/I:P/A:P
Access Vector: Network
Access Complexity: Medium
Authentication: None
Confidentiality Impact: Partial
Integrity Impact: Partial
Availability Impact: Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux Server Supplementary (v. 5) (acroread) RHSA-2011:1434 November 08, 2011
Red Hat Enterprise Linux Server Supplementary (v. 5) (flash-plugin) RHSA-2011:1144 August 10, 2011
Red Hat Enterprise Linux Supplementary version 6 (acroread) RHSA-2011:1434 November 08, 2011
Red Hat Enterprise Linux Supplementary version 6 (flash-plugin) RHSA-2011:1144 August 10, 2011
Red Hat Enterprise Linux version 4 Extras (acroread) RHSA-2011:1434 November 08, 2011

External References

http://www.adobe.com/support/security/bulletins/apsb11-21.html

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.