Summary
This host has Adobe Acrobat or Adobe Reader or Adobe flash Player installed and is prone to code execution vulnerability.
Impact
Successful exploitation will let attackers to corrupt memory and execute arbitrary code on the system with elevated privileges.
Impact Level: System/Application
Solution
Upgrade adobe flash player to version 10.2.159.1 or later, Update Adobe Reader/Acrobat to version 9.4.4 or 10.0.3 or later, For updates refer to http://www.adobe.com
Insight
The flaw is due to an error in handling 'SWF' file in adobe flash player and 'Authplay.dll' in Adobe acrobat/reader. which allows attackers to execute arbitrary code or cause a denial of service via crafted flash content.
Affected
Adobe Flash Player version 10.2.153.1 and prior on Windows.
Adobe Reader/Acrobat version 9.x to 9.4.3 and 10.x to 10.0.2 on windows.
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2011-0611 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat and Reader Multiple Vulnerabilities -Oct10 (Windows)
- Adobe Acrobat Multiple Vulnerabilities-01 Dec14 (Mac OS X)
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Windows)
- Adobe Air Multiple Vulnerabilities June-2012 (Windows)
- Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Mac OS X)