You are here

CVE-2011-2424

Vincent (CVE) Danen's picture
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by "about 400 unique crash signatures."

Details Source

Mitre

Public Date

2011-08-09 00:00:00

Impact

Critical

Bugzilla

CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)

Bugzilla ID

729 497

CVSS Status

verified

Base Score

6.80

Base Metrics

AV:N/AC:M/Au:N/C:P/I:P/A:P

External References

http://www.adobe.com/support/security/bulletins/apsb11-21.html

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux AS version 4 Extras (acroread) RHSA-2011:1434 2011-11-08
Red Hat Enterprise Linux Supplementary (v. 6) (flash-plugin) RHSA-2011:1144 2011-08-10
Red Hat Enterprise Linux Supplementary 5 (acroread) RHSA-2011:1434 2011-11-08
Red Hat Enterprise Linux Supplementary 5 (flash-plugin) RHSA-2011:1144 2011-08-10
Red Hat Enterprise Linux Supplementary (v. 6) (acroread) RHSA-2011:1434 2011-11-08