CVE-2011-2118

Опубликовано: 16 июн. 2011

Источник: nvd

CVSS2: 9.3

EPSS Средний

Описание

The FLV ASSET Xtra component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors, related to an "input validation vulnerability."

Ссылки

http://www.adobe.com/support/security/bulletins/apsb11-17.html
Patch
Vendor Advisory
http://www.us-cert.gov/cas/techalerts/TA11-166A.html
US Government Resource
http://www.adobe.com/support/security/bulletins/apsb11-17.html
Patch
Vendor Advisory
http://www.us-cert.gov/cas/techalerts/TA11-166A.html
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:adobe:shockwave_player:*:*:*:*:*:*:*:*

Версия до 11.5.9.620 (включая)

cpe:2.3:a:adobe:shockwave_player:1.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:2.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:3.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:4.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:5.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:6.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0.196:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0.196a:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0.204:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.0.205:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1.100:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1.103:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1.105:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.1.106:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.321:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.323:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.324:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:8.5.325:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:9:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:9.0.383:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:9.0.432:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.0.0.210:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.0.1.004:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.1.0.11:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.1.0.011:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.1.1.016:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.1.4.020:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.2.0.021:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.2.0.022:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:10.2.0.023:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.0.0.456:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.0.3.471:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.0.595:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.0.596:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.1.601:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.2.602:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.6.606:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.7.609:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.8.612:*:*:*:*:*:*:*

cpe:2.3:a:adobe:shockwave_player:11.5.9.615:*:*:*:*:*:*:*

EPSS

Процентиль: 96%

0.21112

Средний

9.3 Critical

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-3746-24r4-w4m7

github

больше 3 лет назад