FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2011-0609

This CVE name corresponds to:

Entered Topic
2011-03-24 linux-flashplugin -- remote code execution vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2011-0609 at cve.mitre.org

Details

Type Candidate
Name CVE-2011-0609
Phase Assigned(20110120)

Description

Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.

References

Source Reference
MISC http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.html
CONFIRM http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html
CONFIRM http://www.adobe.com/support/security/advisories/apsa11-01.html
CONFIRM http://www.adobe.com/support/security/bulletins/apsb11-06.html
REDHAT RHSA-2011:0372
SUSE SUSE-SR:2011:005
CERT-VN VU#192052
BID 46860
OVAL oval:org.mitre.oval:def:14147
SECTRACK 1025210
SECTRACK 1025211
SECTRACK 1025238
SECUNIA 43751
SECUNIA 43757
SECUNIA 43772
SECUNIA 43856
SREASON 8152
VUPEN ADV-2011-0655
VUPEN ADV-2011-0656
VUPEN ADV-2011-0688
VUPEN ADV-2011-0732
XF adobe-flash-authplay-ce(66078)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.