CVE-2011-2414Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe AIR

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer9 documents5 sources
Severity
10.0CRITICALNVD
EPSS
12.2%
top 6.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AIRAdobe Flash Player
Timeline
PublishedAug 10
Latest updateMay 14

Description

Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2137, and CVE-2011-2415.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDadobe/flash_player10.3.181.36+91
NVDadobe/adobe_air2.7+9

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

2
GHSA
GHSA-mfw6-8hcm-9f78: Buffer overflow in Adobe Flash Player before 102022-05-14
CVEList
CVE-2011-2414: Buffer overflow in Adobe Flash Player before 102011-08-10

📋Vendor Advisories

5
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)2011-08-09
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)2011-08-09
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)2011-08-09
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)2011-08-09
Red Hat
flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)2011-08-09

💬Community

1
Bugzilla
CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: mult2011-08-09
CVE-2011-2414 — Adobe AIR vulnerability | cvebase