CVE-2011-2107 — MEDIUM (4.3)

Q: How severe is CVE-2011-2107?

CVE-2011-2107 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2011-2107?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Apple Mac Os X, Linux Linux Kernel, Microsoft Windows, Sun Sunos.

Vulnerability Description

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "universal cross-site scripting vulnerability."

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Adobe	Flash Player	<= 10.3.181.16
Apple	Mac Os X	All versions
Linux	Linux Kernel	2.6.0
Microsoft	Windows	All versions
Sun	Sunos	All versions
Google	Android	All versions
Adobe	Acrobat	<= 10.0.3
Adobe	Acrobat Reader	<= 10.0.3

Related Weaknesses (CWE)

CWE-79

References

FAQ

What is CVE-2011-2107?

CVE-2011-2107 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject ar...

How severe is CVE-2011-2107?

CVE-2011-2107 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-2107?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Apple Mac Os X, Linux Linux Kernel, Microsoft Windows, Sun Sunos.