Main Vulnerability Database Vulnerabilities #VU2915

#VU2915 Buffer overflow in Adobe Flash Player - CVE-2011-0624

Published: December 27, 2016 / Updated: October 5, 2021

Vulnerability identifier: #VU2915

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber

CVE-ID: CVE-2011-0624

CWE-ID: CWE-119

Exploitation vector: Remote access

Exploit availability: The vulnerability is being exploited in the wild

Vulnerable software:
Adobe Flash Player

Software vendor:
Adobe

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The weakness exists due to buffer overflow caused by improper bounds checking. A remote attacker can create a specially crafted Web site, trick the victim into visiting it, trigger memory corruption and execute arbitrary code with privileges of the current user.

Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.

Remediation

Update Adobe Flash Player 10.x for Windows, Macintosh, Linux and Solaris to 10.3.181.14.
http://www.adobe.com/go/getflash
http://www.adobe.com/licensing/distribution
http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html
http://www.adobe.com/support/flashplayer/downloads.html#fp10
Update Adobe Flash Player 10.x for Android to 10.3.185.21.
market://details?id=com.adobe.flashplayer

External links

http://www.adobe.com/support/security/bulletins/apsb11-12.html

#VU2915 Buffer overflow in Adobe Flash Player - CVE-2011-0624

Description

Remediation

External links

Please verify you're human