CVE-2011-0628 — HIGH (9.3) — White Hats Nepal

Q: How severe is CVE-2011-0628?

CVE-2011-0628 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2011-0628?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Apple Mac Os X, Linux Linux Kernel, Microsoft Windows, Oracle Solaris.

Vulnerability Description

Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows remote attackers to execute arbitrary code via ActionScript that improperly handles a long array object.

CVSS Score

9.3

HIGH

AV:N/AC:M/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Adobe	Flash Player	<= 10.2.159.1
Apple	Mac Os X	All versions
Linux	Linux Kernel	All versions
Microsoft	Windows	All versions
Oracle	Solaris	All versions
Google	Android	All versions

Related Weaknesses (CWE)

CWE-189

References

FAQ

What is CVE-2011-0628?

CVE-2011-0628 is a vulnerability with a CVSS score of 9.3 (HIGH). Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows remote attackers to execute arbitrary code via ActionScript ...

How severe is CVE-2011-0628?

CVE-2011-0628 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-0628?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Apple Mac Os X, Linux Linux Kernel, Microsoft Windows, Oracle Solaris.