Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a "group of included constants," object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011.
References
Link Providers
http://blogs.technet.com/b/mmpc/archive/2011/04/12/analysis-of-the-cve-2011-0611-adobe-flash-player-vulnerability-exploitation.aspx cve-icon cve-icon cve-icon
http://bugix-security.blogspot.com/2011/04/cve-2011-0611-adobe-flash-zero-day.html cve-icon cve-icon cve-icon
http://contagiodump.blogspot.com/2011/04/apr-8-cve-2011-0611-flash-player-zero.html cve-icon cve-icon cve-icon
http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html cve-icon cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00004.html cve-icon cve-icon cve-icon
http://secunia.com/advisories/44119 cve-icon cve-icon cve-icon
http://secunia.com/advisories/44141 cve-icon cve-icon cve-icon
http://secunia.com/advisories/44149 cve-icon cve-icon cve-icon
http://secunia.com/blog/210/ cve-icon cve-icon cve-icon
http://securityreason.com/securityalert/8204 cve-icon cve-icon cve-icon
http://securityreason.com/securityalert/8292 cve-icon cve-icon cve-icon
http://www.adobe.com/support/security/advisories/apsa11-02.html cve-icon cve-icon cve-icon
http://www.adobe.com/support/security/bulletins/apsb11-07.html cve-icon cve-icon cve-icon
http://www.adobe.com/support/security/bulletins/apsb11-08.html cve-icon cve-icon cve-icon
http://www.exploit-db.com/exploits/17175 cve-icon cve-icon cve-icon
http://www.kb.cert.org/vuls/id/230057 cve-icon cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2011-0451.html cve-icon cve-icon cve-icon
http://www.securityfocus.com/bid/47314 cve-icon cve-icon cve-icon
http://www.securitytracker.com/id?1025324 cve-icon cve-icon cve-icon
http://www.securitytracker.com/id?1025325 cve-icon cve-icon cve-icon
http://www.vupen.com/english/advisories/2011/0922 cve-icon cve-icon cve-icon
http://www.vupen.com/english/advisories/2011/0923 cve-icon cve-icon cve-icon
http://www.vupen.com/english/advisories/2011/0924 cve-icon cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/66681 cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2011-0611 cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14175 cve-icon cve-icon cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog cve-icon
https://www.cve.org/CVERecord?id=CVE-2011-0611 cve-icon
History

Tue, 13 Aug 2024 23:30:00 +0000

Type Values Removed Values Added
References

Tue, 06 Aug 2024 22:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:-:*:*:*:*:*:*:*
cpe:2.3:a:adobe:reader:10.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:reader:9.0:*:*:*:*:*:*:*
Vendors & Products Adobe air
Adobe reader
Metrics kev

{'dateAdded': '2022-03-03'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: adobe

Published: 2011-04-13T14:00:00

Updated: 2024-08-06T21:58:26.000Z

Reserved: 2011-01-20T00:00:00

Link: CVE-2011-0611

cve-icon Vulnrichment

Updated: 2024-08-06T21:58:26.000Z

cve-icon NVD

Status : Analyzed

Published: 2011-04-13T14:55:01.217

Modified: 2024-12-20T14:46:32.543

Link: CVE-2011-0611

cve-icon Redhat

Severity : Critical

Publid Date: 2011-04-11T00:00:00Z

Links: CVE-2011-0611 - Bugzilla