Vulnerability Description
Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and Mac OS X allows remote attackers to execute arbitrary code via a crafted SWF file, as demonstrated by the second of two vulnerabilities exploited by the Intevydis vd_adobe_fp module in VulnDisco Step Ahead (SA). NOTE: as of 20111207, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Flash Player | 11.1.102.55 |
| Apple | Mac Os X | All versions |
| Microsoft | Windows | All versions |
References
- http://partners.immunityinc.com/movies/VulnDisco-Flash0day-v2.movExploit
- http://www.securitytracker.com/id?1026392
- https://bugzilla.redhat.com/show_bug.cgi?id=761223
- https://lists.immunityinc.com/pipermail/dailydave/2011-December/000402.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://partners.immunityinc.com/movies/VulnDisco-Flash0day-v2.movExploit
- http://www.securitytracker.com/id?1026392
- https://bugzilla.redhat.com/show_bug.cgi?id=761223
- https://lists.immunityinc.com/pipermail/dailydave/2011-December/000402.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2011-4694?
CVE-2011-4694 is a vulnerability with a CVSS score of 9.3 (HIGH). Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and Mac OS X allows remote attackers to execute arbitrary code via a crafted SWF file, as demonstrated by the second of two vulne...
How severe is CVE-2011-4694?
CVE-2011-4694 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-4694?
Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Apple Mac Os X, Microsoft Windows.