CVE-2011-2458Adobe AIR vulnerability

CWE-2643 documents3 sources
Severity
9.3CRITICALNVD
EPSS
1.0%
top 22.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AIRAdobe Flash Player
Timeline
PublishedNov 11
Latest updateMay 14

Description

Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, when Internet Explorer is used, allows remote attackers to bypass the cross-domain policy via a crafted web site.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDadobe/flash_player10.010.3.183.11+2
NVDadobe/adobe_air3.03.1.0.4880

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

2
GHSA
GHSA-fp6h-5f8p-cgr2: Adobe Flash Player before 102022-05-14
CVEList
CVE-2011-2458: Adobe Flash Player before 102011-11-11
CVE-2011-2458 — Adobe AIR vulnerability | cvebase