CVE-2011-2428

Adobe Flash Player < 10.3.183.10 - Remote Code Execution

Title source: llm
STIX 2.1

Description

Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service (browser crash) via unspecified vectors, related to a "logic error issue."

References (6)

Core 6
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2011-1333.html
Patch, Vendor Advisory x_refsource_confirm
http://www.adobe.com/support/security/bulletins/apsb11-26.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13945
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/48308
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16181

Scores

EPSS 0.0525
EPSS Percentile 91.6%

Details

CWE
CWE-20
Status published
Products (50)
adobe/flash_player 6.0.21.0
adobe/flash_player 6.0.79
adobe/flash_player 7.0
adobe/flash_player 7.0.1
adobe/flash_player 7.0.14.0
adobe/flash_player 7.0.19.0
adobe/flash_player 7.0.24.0
adobe/flash_player 7.0.25
adobe/flash_player 7.0.53.0
adobe/flash_player 7.0.60.0
... and 40 more
Published Sep 22, 2011
Tracked Since Feb 18, 2026