CVE-2011-0559
published 2011-02-10CVE-2011-0559: Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an…
PriorityP268critical9.3CVSS 2.0
AVNACMAuNCCICAC
ITWVulnCheck KEV
Exploited in the wild
EPSS
5.24%
91.5th percentile
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Affected
75 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | flash_player | <= 10.2.152 | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vulncheck9.3CRITICAL
vendor_redhat9.3CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-9f23-98x6-49jh: Adobe Flash Player before 10
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2011-0573 [CRITICAL] CWE-119 GHSA-9f23-98x6-49jh: Adobe Flash Player before 10
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
GHSA
GHSA-mmx2-27hf-3f9r: Adobe Flash Player before 10
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2011-0559 [CRITICAL] CWE-119 GHSA-mmx2-27hf-3f9r: Adobe Flash Player before 10
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
GHSA
GHSA-m245-xcm9-7cpw: Adobe Flash Player before 10
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2011-0561 [CRITICAL] CWE-119 GHSA-m245-xcm9-7cpw: Adobe Flash Player before 10
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
GHSA
GHSA-3mfv-6679-5j8f: Adobe Flash Player before 10
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2011-0572 [CRITICAL] CWE-119 GHSA-3mfv-6679-5j8f: Adobe Flash Player before 10
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
GHSA
GHSA-r85g-282v-289c: Adobe Flash Player before 10
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2011-0607 [CRITICAL] CWE-119 GHSA-r85g-282v-289c: Adobe Flash Player before 10
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0608.
GHSA
GHSA-h4mm-mhjh-4pj5: Adobe Flash Player before 10
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2011-0574 [CRITICAL] CWE-119 GHSA-h4mm-mhjh-4pj5: Adobe Flash Player before 10
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
GHSA
GHSA-vm69-m74c-qwvm: Adobe Flash Player before 10
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2011-0560 [CRITICAL] CWE-119 GHSA-vm69-m74c-qwvm: Adobe Flash Player before 10
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
GHSA
GHSA-27jx-2xcq-7549: Adobe Flash Player before 10
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2011-0608 [CRITICAL] CWE-119 GHSA-27jx-2xcq-7549: Adobe Flash Player before 10
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0607.
GHSA
GHSA-q5w4-gwv4-v293: Adobe Flash Player before 10
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2011-0571 [CRITICAL] CWE-119 GHSA-q5w4-gwv4-v293: Adobe Flash Player before 10
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
GHSA
GHSA-322r-xwx7-m2r9: Adobe Flash Player before 10
ghsa_unreviewed·2022-05-14·CVSS 9.3
CVE-2011-0578 [CRITICAL] CWE-119 GHSA-322r-xwx7-m2r9: Adobe Flash Player before 10
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a constructor for an unspecified ActionScript3 object and improper type checking, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0607, and CVE-2011-0608.
VulnCheck
Adobe Flash Player Improper Restriction of Operations within the Bounds of a Memory Buffer
vulncheck·2011·CVSS 9.3
CVE-2011-0559 [CRITICAL] Adobe Flash Player Improper Restriction of Operations within the Bounds of a Memory Buffer
Adobe Flash Player Improper Restriction of Operations within the Bounds of a Memory Buffer
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Affected: Adobe Flash Player
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://archive.f-secure.com/weblog/archives/00002458
Red Hat
flash-plugin: multiple code execution flaws (APSB11-02)
vendor_redhat·2011-02-08·CVSS 9.3
CVE-2011-0571 [CRITICAL] flash-plugin: multiple code execution flaws (APSB11-02)
flash-plugin: multiple code execution flaws (APSB11-02)
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Red Hat
flash-plugin: multiple code execution flaws (APSB11-02)
vendor_redhat·2011-02-08·CVSS 9.3
CVE-2011-0574 [CRITICAL] flash-plugin: multiple code execution flaws (APSB11-02)
flash-plugin: multiple code execution flaws (APSB11-02)
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Red Hat
flash-plugin: multiple code execution flaws (APSB11-02)
vendor_redhat·2011-02-08·CVSS 9.3
CVE-2011-0608 [CRITICAL] flash-plugin: multiple code execution flaws (APSB11-02)
flash-plugin: multiple code execution flaws (APSB11-02)
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0607.
Red Hat
flash-plugin: multiple code execution flaws (APSB11-02)
vendor_redhat·2011-02-08·CVSS 9.3
CVE-2011-0607 [CRITICAL] flash-plugin: multiple code execution flaws (APSB11-02)
flash-plugin: multiple code execution flaws (APSB11-02)
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0608.
Red Hat
flash-plugin: multiple code execution flaws (APSB11-02)
vendor_redhat·2011-02-08·CVSS 9.3
CVE-2011-0559 [CRITICAL] flash-plugin: multiple code execution flaws (APSB11-02)
flash-plugin: multiple code execution flaws (APSB11-02)
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Red Hat
flash-plugin: multiple code execution flaws (APSB11-02)
vendor_redhat·2011-02-08·CVSS 9.3
CVE-2011-0560 [CRITICAL] flash-plugin: multiple code execution flaws (APSB11-02)
flash-plugin: multiple code execution flaws (APSB11-02)
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Red Hat
flash-plugin: multiple code execution flaws (APSB11-02)
vendor_redhat·2011-02-08·CVSS 9.3
CVE-2011-0573 [CRITICAL] flash-plugin: multiple code execution flaws (APSB11-02)
flash-plugin: multiple code execution flaws (APSB11-02)
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Red Hat
flash-plugin: multiple code execution flaws (APSB11-02)
vendor_redhat·2011-02-08·CVSS 9.3
CVE-2011-0578 [CRITICAL] flash-plugin: multiple code execution flaws (APSB11-02)
flash-plugin: multiple code execution flaws (APSB11-02)
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a constructor for an unspecified ActionScript3 object and improper type checking, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0607, and CVE-2011-0608.
Red Hat
flash-plugin: multiple code execution flaws (APSB11-02)
vendor_redhat·2011-02-08·CVSS 9.3
CVE-2011-0572 [CRITICAL] flash-plugin: multiple code execution flaws (APSB11-02)
flash-plugin: multiple code execution flaws (APSB11-02)
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
Red Hat
flash-plugin: multiple code execution flaws (APSB11-02)
vendor_redhat·2011-02-08·CVSS 9.3
CVE-2011-0561 [CRITICAL] flash-plugin: multiple code execution flaws (APSB11-02)
flash-plugin: multiple code execution flaws (APSB11-02)
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.
No detection rules found.
No public exploits indexed.
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=894http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00003.htmlhttp://secunia.com/advisories/43267http://secunia.com/advisories/43292http://secunia.com/advisories/43340http://secunia.com/advisories/43351http://secunia.com/advisories/43747http://www.adobe.com/support/security/bulletins/apsb11-02.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0206.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0259.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0368.htmlhttp://www.securityfocus.com/bid/46186http://www.securitytracker.com/id?1025055http://www.vupen.com/english/advisories/2011/0348http://www.vupen.com/english/advisories/2011/0383http://www.vupen.com/english/advisories/2011/0402http://www.vupen.com/english/advisories/2011/0646https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14009https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16231http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=894http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00003.htmlhttp://secunia.com/advisories/43267http://secunia.com/advisories/43292http://secunia.com/advisories/43340http://secunia.com/advisories/43351http://secunia.com/advisories/43747http://www.adobe.com/support/security/bulletins/apsb11-02.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0206.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0259.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0368.htmlhttp://www.securityfocus.com/bid/46186http://www.securitytracker.com/id?1025055http://www.vupen.com/english/advisories/2011/0348http://www.vupen.com/english/advisories/2011/0383http://www.vupen.com/english/advisories/2011/0402http://www.vupen.com/english/advisories/2011/0646https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14009https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16231
2011-02-10
Published
Exploited in the wild