Summary
This host has Adobe Acrobat or Adobe Reader or Adobe flash Player installed, and is prone to memory corruption vulnerability.
Impact
Successful exploitation will let attackers to corrupt memory and execute arbitrary code on the system with elevated privileges.
Impact Level: Application/System
Solution
Upgrade to Adobe Flash Player to 10.2.153.1 or later and upgrade Adobe Reader/Acrobat to 10.0.2, For details refer http://www.adobe.com/
Insight
The flaw is due to an error in handling 'SWF' file in adobe flash player and 'Authplay.dll' in Adobe acrobat/reader. which allows attackers to execute arbitrary code or cause a denial of service via crafted flash content.
Affected
Adobe Flash Player version 10.2.152.33 and prior on Windows.
Adobe Reader/Acrobat version 9.x to 9.4.2 and 10.x to 10.0.1 on Windows.
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2011-0609 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Mac OS X)
- Adobe Air Multiple Vulnerabilities June-2012 (Mac OS X)
- Adobe AIR Multiple Vulnerabilities-01 Sep14 (Mac OS X)
- Adobe Captivate Insecure Library Loading Vulnerability
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Mac OX S)