CVE-2011-0618
published 2011-05-13CVE-2011-0618: Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to…
PriorityP265critical9.3CVSS 2.0
AVNACMAuNCCICAC
ITWVulnCheck KEV
Exploited in the wild
EPSS
4.94%
91.1th percentile
Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors.
Affected
84 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | flash_player | <= 10.2.159.1 | — |
| adobe | flash_player | <= 10.2.157.51 | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- ·Vulnerable versions: Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris; before 10.3.185.21 on Android. No specific attack vectors, IOCs, or detection signatures were disclosed in the available sources. ↗
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vulncheck9.3CRITICAL
vendor_redhat9.3CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-h73q-hjm3-vwgm: Integer overflow in Adobe Flash Player before 10
ghsa_unreviewed·2022-05-14
CVE-2011-0618 [HIGH] GHSA-h73q-hjm3-vwgm: Integer overflow in Adobe Flash Player before 10
Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors.
VulnCheck
Adobe Flash Player Arbitrary Code Execution
vulncheck·2011·CVSS 9.3
CVE-2011-0618 [CRITICAL] Adobe Flash Player Arbitrary Code Execution
Adobe Flash Player Arbitrary Code Execution
Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors.
Affected: Adobe Flash Player
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://users.ece.cmu.edu/~tdumitra/public_documents/bilge12_zero_day.pdf
Red Hat
flash-plugin: crash and potential arbitrary code execution (APSB11-12)
vendor_redhat·2011-05-12·CVSS 9.3
CVE-2011-0618 [CRITICAL] flash-plugin: crash and potential arbitrary code execution (APSB11-12)
flash-plugin: crash and potential arbitrary code execution (APSB11-12)
Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors.
No detection rules found.
No public exploits indexed.
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00006.htmlhttp://www.adobe.com/support/security/bulletins/apsb11-12.htmlhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14106https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16041http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00006.htmlhttp://www.adobe.com/support/security/bulletins/apsb11-12.htmlhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14106https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16041
2011-05-13
Published
Exploited in the wild