Vulnerabilities > CVE-2011-4694 - Remote Security vulnerability in Adobe Flash Player 11.1.102.55

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
adobe
apple
microsoft
critical

Summary

Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and Mac OS X allows remote attackers to execute arbitrary code via a crafted SWF file, as demonstrated by the second of two vulnerabilities exploited by the Intevydis vd_adobe_fp module in VulnDisco Step Ahead (SA). NOTE: as of 20111207, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.

Vulnerable Configurations

Part Description Count
Application
Adobe
1
OS
Apple
1
OS
Microsoft
1

Oval

  • accepted2015-08-03T04:00:51.055-04:00
    classvulnerability
    contributors
    • nameAharon Chernin
      organizationDTCC
    • nameJosh Turpin
      organizationSymantec Corporation
    • nameShane Shaffer
      organizationG2, Inc.
    • nameMaria Kedovskaya
      organizationALTX-SOFT
    • nameMaria Kedovskaya
      organizationALTX-SOFT
    • nameMaria Mikhno
      organizationALTX-SOFT
    • nameMaria Mikhno
      organizationALTX-SOFT
    • nameMaria Mikhno
      organizationALTX-SOFT
    definition_extensions
    • commentAdobe Flash Player 11 is installed
      ovaloval:org.mitre.oval:def:13071
    • commentActiveX Control is installed
      ovaloval:org.mitre.oval:def:26707
    descriptionUnspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and Mac OS X allows remote attackers to execute arbitrary code via a crafted SWF file, as demonstrated by the second of two vulnerabilities exploited by the Intevydis vd_adobe_fp module in VulnDisco Step Ahead (SA). NOTE: as of 20111207, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
    familywindows
    idoval:org.mitre.oval:def:14539
    statusaccepted
    submitted2011-12-09T10:51:15.000-05:00
    titleUnspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and Mac OS X allows remote attackers to execute arbitrary code via a crafted SWF file, as demonstrated by the second of two vulnerabilities exploited by the Intevydis vd_adobe_fp module in VulnDisco Step Ahead (SA). NOTE: as of 20111207, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
    version66
  • accepted2013-02-04T04:00:39.526-05:00
    classvulnerability
    contributors
    nameShane Shaffer
    organizationG2, Inc.
    definition_extensions
    commentAdobe Flash Player 11 is installed
    ovaloval:org.mitre.oval:def:16112
    descriptionUnspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and Mac OS X allows remote attackers to execute arbitrary code via a crafted SWF file, as demonstrated by the second of two vulnerabilities exploited by the Intevydis vd_adobe_fp module in VulnDisco Step Ahead (SA). NOTE: as of 20111207, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
    familymacos
    idoval:org.mitre.oval:def:16096
    statusaccepted
    submitted2012-12-20T15:35:55.661-05:00
    titleUnspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and Mac OS X allows remote attackers to execute arbitrary code via a crafted SWF file, as demonstrated by the second of two vulnerabilities exploited by the Intevydis vd_adobe_fp module in VulnDisco Step Ahead (SA). NOTE: as of 20111207, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
    version4