CVE-2011-0628 — Adobe Flash Player vulnerability

CWE-1894 documents4 sources

Severity

9.3CRITICALNVD

EPSS

11.2%

top 6.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Flash Player

Timeline

PublishedMay 31

Latest updateMay 14

Description

Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows remote attackers to execute arbitrary code via ActionScript that improperly handles a long array object.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDadobe/flash_player10.2.159.1+83

Patches

Patch: www.adobe.com ↗Patch: www.adobe.com ↗

🔴Vulnerability Details

GHSA

GHSA-9wgf-m28w-v7xf: Integer overflow in Adobe Flash Player before 10↗2022-05-14

▶

📋Vendor Advisories

Red Hat

flash-plugin: crash and potential arbitrary code execution (APSB11-12)↗2011-05-12

▶

💬Community

Bugzilla

CVE-2011-0579 CVE-2011-0618 CVE-2011-0619 CVE-2011-0620 CVE-2011-0621 CVE-2011-0622 CVE-2011-0623 CVE-2011-0624 CVE-2011-0625 CVE-2011-0626 CVE-2011-0627 CVE-2011-0628 flash-plugin: crash and potentia↗2011-05-12

▶