CVE-2011-2424 — HIGH (9.3) — White Hats Nepal

Q: How severe is CVE-2011-2424?

CVE-2011-2424 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2011-2424?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Apple Mac Os X, Linux Linux Kernel, Microsoft Windows, Sun Sunos.

Vulnerability Description

Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by "about 400 unique crash signatures."

CVSS Score

9.3

HIGH

AV:N/AC:M/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Adobe	Flash Player	<= 10.3.181.36
Apple	Mac Os X	All versions
Linux	Linux Kernel	All versions
Microsoft	Windows	All versions
Sun	Sunos	All versions
Google	Android	All versions
Adobe	Adobe Air	<= 2.7

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2011-2424?

CVE-2011-2424 is a vulnerability with a CVSS score of 9.3 (HIGH). Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, all...

How severe is CVE-2011-2424?

CVE-2011-2424 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-2424?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Apple Mac Os X, Linux Linux Kernel, Microsoft Windows, Sun Sunos.