[Forgot Password]
Login  Register Subscribe

24003

 
 

131486

 
 

106342

 
 

909

 
 

84572

 
 

134

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2011-2444Date: (C)2011-09-21   (M)2018-05-13


Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a "universal cross-site scripting issue," as exploited in the wild in September 2011.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : CVSS Score : 4.3
Exploit Score: Exploit Score: 8.6
Impact Score: Impact Score: 2.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector: NETWORK
Attack Complexity: Access Complexity: MEDIUM
Privileges Required: Authentication: NONE
User Interaction: Confidentiality: NONE
Scope: Integrity: PARTIAL
Confidentiality: Availability: NONE
Integrity:  
Availability:  
  
Reference:
SECUNIA-48308
IAVM:2012-B-0048
RHSA-2011:1333
SUSE-SU-2011:1063
http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_20.html
http://www.adobe.com/support/security/bulletins/apsb11-26.html

CPE    94
cpe:/a:adobe:flash_player:7.0.60.0
cpe:/a:adobe:flash_player:9.0.125.0
cpe:/a:adobe:flash_player:9.0.45.0
cpe:/a:adobe:flash_player:7.0.25
...
CWE    1
CWE-79
OVAL    8
oval:org.secpod.oval:def:4434
oval:org.secpod.oval:def:6009
oval:org.secpod.oval:def:6010
oval:org.secpod.oval:def:5317
...

© 2013 SecPod Technologies