CVE-2011-0611

Published: 13/04/2011 Updated: 02/02/2024
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 941
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Adobe Flash Player prior to 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and previous versions on Android; Adobe AIR prior to 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x prior to 9.4.4 and 10.x up to and including 10.0.1 on Windows, Adobe Reader 9.x prior to 9.4.4 and 10.x prior to 10.0.3 on Mac OS X, and Adobe Acrobat 9.x prior to 9.4.4 and 10.x prior to 10.0.3 on Windows and Mac OS X allow remote malicious users to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a "group of included constants," object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011.

Vulnerable Product

adobe flash_player

adobe acrobat_reader

adobe adobe air

adobe acrobat

google chrome

suse linux enterprise desktop 11

opensuse opensuse 11.4

opensuse opensuse 11.2

opensuse opensuse 11.3

suse linux enterprise desktop 10

Exploits

This Metasploit module exploits a vulnerability in Adobe Flash Player that was discovered, and has been exploited actively in the wild. By embedding a specially crafted swf file, Adobe Flash crashes due to an invalid use of an object type, which allows attackers to overwrite a pointer in memory, and results in arbitrary code execution ...

    ##
    # $Id: adobe_flashplayer_flash10orb 12330 2011-04-16 02:09:33Z sinn3r $
    ##

    ##
    # This file is part of the Metasploit Framework and may be subject to
    # redistribution and commercial restrictions. Please see the Metasploit
    # Framework web site for more information on licensing and terms of use.
    # metasploit.com/framework/
    ##

    require 'msf/ ...

    # Exploit Title: Adobe Reader X Atom Type Confusion Vulnerability Exploit
    # Date: 7/3/2011
    # Author: Snake ( Shahriyarj < at > gmail )
    # Version: Adobe Reader X < 101
    # Tested on: 1000 - 1001 - Windows 7 - IE/FF/Opera
    # CVE : CVE-2011-0611
    #
    #This is the exploit I wrote for Abysssec "The Arashi" article
    #It gracefully bypass DEP/ASL ...

Github Repositories

threat language parser

tlp is a Python library that parses a body of text for indicators of compromise (IOCs), leveraging the amazing textblob and nltk natural language processing modules to derive context and color around those IOCs. The goal of tlp is to allow security analysts and researchers to extract and store meaningful data from the endless stream of information they e

Publicly available PCAP files

This is a list of public packet capture repositories, which are freely available on the Internet. Most of the sites listed below share Full Packet Capture (FPC) files, but

Recent Articles

Investigation Report for the September 2014 Equation malware detection incident in the US
Securelist • Kaspersky Lab • 16 Nov 2017

In early October, a story was published by the Wall Street Journal alleging Kaspersky Lab software was used to siphon classified data from an NSA employee’s home computer system. Given that Kaspersky Lab has been at the forefront of fighting cyberespionage and cybercriminal activities on the Internet for over 20 years now, these allegations were treated very seriously. To assist any independent investigators and all the people who have been asking us questions whether those allegations were tr...

IT threat evolution Q3 2014
Securelist • David Emm, Maria Garnaeva, Victor Chebyshev, Roman Unuchek, Denis Makrushin, Anton Ivanov • 18 Nov 2014

In July we published our in-depth analysis into a targeted attack campaign that we dubbed ‘Crouching Yeti’. This campaign is also known as ‘Energetic Bear’. This campaign, which has been active since late 2010, has so far targeted the following sectors: industrial/machinery, manufacturing, pharmaceutical, construction, education and information technology. So far there have been more than 2,800 victims worldwide, and we have been able to identify 101 different organisatio...

KSN: An Analysis of Web Browsers
Securelist • Sergey Golovanov • 11 Oct 2012

Today, cybercriminals are quick to exploit vulnerabilities in Adobe Reader, Flash and Java to infect users’ computers. There is a simple reason for this popularity: exploits of vulnerabilities found in these products can infect computers regardless of which operating systems and browsers are used on the attacked machines. We assumed that the threats posed to users were unaffected by their choice of browser and undertook a little research to test this assumption. Picture courtesy of the PCMAG w...

Democratic Party of Hong Kong Website Compromised and Serving Spyware
Securelist • Kurt Baumgartner • 30 May 2011

The Democratic Party of Hong Kong’s website was compromised and malware uploaded to the web server. Interestingly, the server was distributing malicious flash and spyware nearly identical to the compromised UK Amnesty International servers at the beginning of this month. The server is being cleaned up. The English version of the website did not include injected iframe links pointing to the exploit.html page, which in turn delivers three different version-appropriate malicious variants of flash...

References

CWE-843
http://www.adobe.com/support/security/advisories/apsa11-02.html
http://www.redhat.com/support/errata/RHSA-2011-0451.html
http://www.vupen.com/english/advisories/2011/0922
http://www.adobe.com/support/security/bulletins/apsb11-07.html
http://bugix-security.blogspot.com/2011/04/cve-2011-0611-adobe-flash-zero-day.html
http://www.securitytracker.com/id?1025325
http://www.kb.cert.org/vuls/id/230057
http://secunia.com/advisories/44149
http://blogs.technet.com/b/mmpc/archive/2011/04/12/analysis-of-the-cve-2011-0611-adobe-flash-player-vulnerability-exploitation.aspx
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00004.html
http://www.exploit-db.com/exploits/17175
http://www.vupen.com/english/advisories/2011/0923
http://contagiodump.blogspot.com/2011/04/apr-8-cve-2011-0611-flash-player-zero.html
http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.html
http://secunia.com/advisories/44119
http://secunia.com/blog/210/
http://www.vupen.com/english/advisories/2011/0924
http://www.securityfocus.com/bid/47314
http://www.securitytracker.com/id?1025324
http://secunia.com/advisories/44141
http://www.adobe.com/support/security/bulletins/apsb11-08.html
http://securityreason.com/securityalert/8292
http://securityreason.com/securityalert/8204
https://exchange.xforce.ibmcloud.com/vulnerabilities/66681
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14175
https://nvd.nist.gov
https://github.com/ministryofpromise/tlp
https://packetstormsecurity.com/files/100507/Adobe-Flash-Player-10.2.153.1-SWF-Memory-Corruption-Vulnerability.html
https://www.exploit-db.com/exploits/17175/
https://www.kb.cert.org/vuls/id/230057