Vulnerability Description
Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Flash Player | <= 10.3.183.7 |
| Apple | Mac Os X | All versions |
| Linux | Linux Kernel | All versions |
| Microsoft | Windows | All versions |
| Sun | Sunos | All versions |
| Android | All versions |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00025.html
- http://secunia.com/advisories/48308
- http://www.adobe.com/support/security/bulletins/apsb11-26.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2011-1333.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00025.html
- http://secunia.com/advisories/48308
- http://www.adobe.com/support/security/bulletins/apsb11-26.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2011-1333.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2011-2427?
CVE-2011-2427 is a vulnerability with a CVSS score of 9.3 (HIGH). Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, all...
How severe is CVE-2011-2427?
CVE-2011-2427 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-2427?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Apple Mac Os X, Linux Linux Kernel, Microsoft Windows, Sun Sunos.