[Forgot Password]
Login  Register Subscribe

23631

 
 

126998

 
 

102010

 
 

909

 
 

80911

 
 

121

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2011-2444Date: (C)2011-09-21   (M)2018-02-19


Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a "universal cross-site scripting issue," as exploited in the wild in September 2011.

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score  : CVSS Score  : 4.3
Exploit Score: Exploit Score: 8.6
Impact Score : Impact Score : 2.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector: NETWORK
Attack Complexity: Access Complexity: MEDIUM
Privileges Required: Authentication: NONE
User Interaction: Confidentiality: NONE
Scope: Integrity: PARTIAL
Confidentiality: Availability: NONE
Integrity:  
Availability:  
  





Reference:
SECUNIA-48308
IAVM:2012-B-0048
RHSA-2011:1333
SUSE-SU-2011:1063
http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_20.html
http://www.adobe.com/support/security/bulletins/apsb11-26.html

CPE    94
cpe:/a:adobe:flash_player:7.0.60.0
cpe:/a:adobe:flash_player:9.0.125.0
cpe:/a:adobe:flash_player:9.0.45.0
cpe:/a:adobe:flash_player:7.0.25
...
CWE    1
CWE-79
OVAL    8
oval:org.secpod.oval:def:2345
oval:org.secpod.oval:def:2333
oval:org.secpod.oval:def:2339
oval:org.secpod.oval:def:4434
...

© 2013 SecPod Technologies