CVE-2011-0627
HIGH EXPLOITED IN THE WILDAdobe Flash Player < 10.3.181.14 - Remote Code Execution via Crafted Flash Content
Title source: llmExploitation Summary
CVE-2011-0627 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io).
Description
Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content, as possibly exploited in the wild in May 2011 by a Microsoft Office document with an embedded .swf file.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16053
Third Party Advisory, VDB Entry vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13914
Patch, Vendor Advisory x_refsource_confirm
http://www.adobe.com/support/security/bulletins/apsb11-12.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00006.html
Scores
CVSS v3
8.8
EPSS
0.0507
EPSS Percentile
91.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
VulnCheck KEV
2011-05-12
InTheWild.io
2018-10-30
CWE
CWE-20
Status
published
Products (50)
adobe/flash_player
6.0.21.0
adobe/flash_player
6.0.79
adobe/flash_player
7.0
adobe/flash_player
7.0.1
adobe/flash_player
7.0.14.0
adobe/flash_player
7.0.19.0
adobe/flash_player
7.0.24.0
adobe/flash_player
7.0.25
adobe/flash_player
7.0.53.0
adobe/flash_player
7.0.60.0
... and 40 more
Published
May 13, 2011
Tracked Since
Feb 18, 2026