Adobe Flash Player Arbitrary Code Execution Vulnerability (Linux) Network Vulnerability

Summary

This host has Adobe flash Player installed, and is prone to code execution vulnerability.

Impact

Successful exploitation will let attackers to corrupt memory and execute arbitrary code on the system with elevated privileges. Impact Level: System/Application

Solution

Upgrade adobe flash player to version 10.2.159.1 or later, Update Adobe Reader/Acrobat to version 9.4.4 or 10.0.3 or later, For updates refer to http://www.adobe.com

Insight

The flaw is due to an error in handling 'SWF' file in adobe flash player, which allows attackers to execute arbitrary code or cause a denial of service via crafted flash content.

Affected

Adobe Flash Player version 10.2.153.1 and prior on Linux

References

http://blogs.adobe.com/psirt/2011/04/security-advisory-for-adobe-flash-player-adobe-reader-and-acrobat-apsa11-02.html
http://www.adobe.com/support/security/advisories/apsa11-02.html

Updated on 2017-03-28

Severity

Classification

CVE CVE-2011-0611
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe AIR Multiple Vulnerabilities-01 Aug14 (Mac OS X)
Adobe Air and Flash Player Multiple Vulnerabilities August-2011 (Windows)
Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Windows)
Adobe Air Multiple Vulnerabilities - November12 (Mac OS X)
Adobe Flash Media Server Multiple Remote Security Vulnerabilities

Take action and discover your vulnerabilities