CVE-2011-2110
published 2011-06-16CVE-2011-2110: Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute…
PriorityP277critical10CVSS 2.0
AVNACLAuNCCICAC
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
86.42%
99.7th percentile
Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011.
Affected
89 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | flash_player | <= 10.3.181.23 | — |
| adobe | flash_player | <= 10.3.185.23 | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
| adobe | flash_player | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →The exploit delivers a malicious .swf file via HTTP with Content-Type application/x-shockwave-flash; detect HTTP responses serving .swf payloads with randomized filenames followed by a .txt shellcode fetch. ↗
- →The exploit uses HTTP gzip compression and chunked transfer encoding; network sensors should inspect gzip-compressed SWF responses for CVE-2011-2110 indicators. ↗
- →Post-exploitation, the Metasploit module automatically migrates the payload to a new process; monitor for unexpected process migration activity following Flash Player execution. ↗
- →The vulnerability is triggered via ActionScript3 AVM2 verification logic failure when indexing an array with an arbitrary value; targets IE6, IE7, IE8, and Firefox 10.2 on Windows with ASLR/DEP bypass. ↗
- →Exploitation was observed in targeted attacks via malicious Web pages; monitor web proxy logs for Flash Player versions 10.3.181.23 and earlier fetching .swf content from untrusted sources. ↗
- →The exploit source ActionScript file is CVE-2011-2110.as; presence of this filename on disk or in build artifacts may indicate exploit development activity. ↗
- ·The exploit targets Adobe Flash Player versions 10.3.181.23 and earlier on Windows, Macintosh, Linux, and Solaris, and 10.3.185.23 and earlier on Android; the patched version is 10.3.181.26. ↗
- ·The Metasploit module's EXITFUNC is set to 'process', meaning the exploit terminates the hosting process on exit; this affects post-exploitation forensic artifacts. ↗
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vulncheck10.0CRITICAL
vendor_redhat10.0CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-3p7j-r8qq-j3mf: Adobe Flash Player before 10
ghsa_unreviewed·2022-05-14
CVE-2011-2110 [HIGH] CWE-119 GHSA-3p7j-r8qq-j3mf: Adobe Flash Player before 10
Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011.
VulnCheck
Adobe Flash Player Improper Restriction of Operations within the Bounds of a Memory Buffer
vulncheck·2011·CVSS 10.0
CVE-2011-2110 [CRITICAL] Adobe Flash Player Improper Restriction of Operations within the Bounds of a Memory Buffer
Adobe Flash Player Improper Restriction of Operations within the Bounds of a Memory Buffer
Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011.
Affected: Adobe Flash Player
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.cve.org/CVERecord?id=CVE-2011-2110; http://www.cs.cornell.edu/courses/cs6410/2012fa/slides/Symantec_ElderwoodProject_2012.pdf; https://archive.f-secure.com/weblog/archives/00002458; https://dl.acm.org
Red Hat
flash-plugin: memory corruption can lead to arbitrary code execution (APSB11-18)
vendor_redhat·2011-06-14·CVSS 10.0
CVE-2011-2110 [CRITICAL] flash-plugin: memory corruption can lead to arbitrary code execution (APSB11-18)
flash-plugin: memory corruption can lead to arbitrary code execution (APSB11-18)
Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011.
No detection rules found.
Exploit-DB
Adobe Flash Player - AVM Verification Logic Array Indexing Code Execution (Metasploit)
exploitdb·2012-06-20
CVE-2011-2110 Adobe Flash Player - AVM Verification Logic Array Indexing Code Execution (Metasploit)
Adobe Flash Player - AVM Verification Logic Array Indexing Code Execution (Metasploit)
---
##
# $Id$
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# web site for more information on licensing and terms of use.
# http://metasploit.com/
##
require 'msf/core'
class Metasploit3 'Adobe Flash Player AVM Verification Logic Array Indexing Code Execution',
'Description' => %q{
This module exploits a vulnerability in Adobe Flash Player versions 10.3.181.23
and earlier. This issue is caused by a failure in the ActionScript3 AVM2 verification
logic. This results in unsafe JIT(Just-In-Time) code being executed. This is the same
vulnerability that was used for attacks against Korean based organizat
Metasploit
Adobe Flash Player AVM Verification Logic Array Indexing Code Execution
metasploit
Adobe Flash Player AVM Verification Logic Array Indexing Code Execution
Adobe Flash Player AVM Verification Logic Array Indexing Code Execution
This module exploits a vulnerability in Adobe Flash Player versions 10.3.181.23 and earlier. This issue is caused by a failure in the ActionScript3 AVM2 verification logic. This results in unsafe JIT(Just-In-Time) code being executed. This is the same vulnerability that was used for attacks against Korean based organizations. Specifically, this issue occurs when indexing an array using an arbitrary value, memory can be referenced and later executed. Taking advantage of this issue does not rely on heap spraying as the vulnerability can also be used for information leakage. Currently this exploit works for IE6, IE7, IE8, Firefox 10.2 and likely several other browsers under multiple Windows platforms. This exploit bypass
Tenable
Tenable Network Security Podcast - Episode 87
blogs_tenable·2011-06-29
Tenable Network Security Podcast - Episode 87
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Zscaler
Patching Flash - CVE-2011-2110 Post-mortem | Zscaler
blogs_zscaler·2011-06-21·CVSS 10.0
[CRITICAL] Patching Flash - CVE-2011-2110 Post-mortem | Zscaler
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
Zscaler
Oh Flash! CVE-2011-2110 0-Day | Zscaler
blogs_zscaler·2011-06-17·CVSS 10.0
[CRITICAL] Oh Flash! CVE-2011-2110 0-Day | Zscaler
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
arXiv
Investigation of Advanced Persistent Threats Network-based Tactics, Techniques and Procedures
arxiv_fulltext·2025-02-12
Investigation of Advanced Persistent Threats Network-based Tactics, Techniques and Procedures
Investigation of Advanced Persistent Threats Network-based Tactics, Techniques and Procedures
Almuthanna Alageel
and
Sergio Maffeis
Department of Computing
Imperial College London
London, United Kingdom
plain
plain
## Abstract
The scarcity of data and the high complexity of Advanced Persistent Threats (APTs) attacks have created challenges in comprehending their behavior and hindered the exploration of effective detection techniques.
To create an effective APT detection strategy, it is important to examine the Tactics, Techniques, and Procedures (TTPs) that have been reported by the industry. These TTPs can be difficult to classify as either malicious or legitimate. When developing an approach for the next generation of network intrusion detection systems (NIDS), it is necessary to
Bugzilla
CVE-2011-2110 flash-plugin: memory corruption can lead to arbitrary code execution (APSB11-18)
bugzilla·2011-06-14·CVSS 10.0
CVE-2011-2110 [CRITICAL] CVE-2011-2110 flash-plugin: memory corruption can lead to arbitrary code execution (APSB11-18)
CVE-2011-2110 flash-plugin: memory corruption can lead to arbitrary code execution (APSB11-18)
Adobe has released APSB11-18 [1] along with Flash Player 10.3.181.26 to correct the following critical flaw:
A critical vulnerability has been identified in Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 10.3.185.23 and earlier versions for Android. This memory corruption vulnerability (CVE-2011-2110) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via malicious Web pages.
[1] http://www.adobe.com/support/security/bulletins/apsb11-18.html
Discussion:
This issue has been addressed in fo
http://secunia.com/advisories/44924http://secunia.com/advisories/44941http://secunia.com/advisories/44950http://secunia.com/advisories/44964http://secunia.com/advisories/48308http://www.adobe.com/support/security/bulletins/apsb11-18.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0869.htmlhttp://www.securitytracker.com/id?1025651http://www.us-cert.gov/cas/techalerts/TA11-166A.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/68029https://hermes.opensuse.org/messages/8782873https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14091https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16252http://secunia.com/advisories/44924http://secunia.com/advisories/44941http://secunia.com/advisories/44950http://secunia.com/advisories/44964http://secunia.com/advisories/48308http://www.adobe.com/support/security/bulletins/apsb11-18.htmlhttp://www.redhat.com/support/errata/RHSA-2011-0869.htmlhttp://www.securitytracker.com/id?1025651http://www.us-cert.gov/cas/techalerts/TA11-166A.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/68029https://hermes.opensuse.org/messages/8782873https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14091https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16252
2011-06-16
Published
Exploited in the wild