| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 8.4 | $0-$5k | 0.00 |
Summary
A vulnerability was found in Adobe Flash Player and classified as very critical. The impacted element is an unknown function of the component SharedObject. Executing a manipulation can lead to memory corruption. This vulnerability is registered as CVE-2011-0611. Furthermore, an exploit is available. It is suggested to upgrade the affected component.
Details
A vulnerability classified as very critical was found in Adobe Flash Player (Multimedia Player Software) (the affected version is unknown). This vulnerability affects an unknown code of the component SharedObject. The manipulation with an unknown input leads to a memory corruption vulnerability. The CWE definition for the vulnerability is CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes:
Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a "group of included constants," object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011.
The weakness was published 04/12/2011 by Snake with Secunia Research (Website). The advisory is available at contagiodump.blogspot.com. This vulnerability was named CVE-2011-0611 since 01/20/2011. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. Technical details are unknown but a public exploit is available. The structure of the vulnerability defines a possible price range of USD at the moment (estimation calculated on 04/22/2026). It is expected to see the exploit prices for this product decreasing in the near future.
A public exploit has been developed by Snake in Ruby and been published 3 months after the advisory. It is possible to download the exploit at securityfocus.com. It is declared as attacked. As 0-day the estimated underground price was around $25k-$100k. The vulnerability scanner Nessus provides a plugin with the ID 75497 (openSUSE Security Update : flash-player (openSUSE-SU-2011:0373-1)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family SuSE Local Security Checks and running in the context l. The commercial vulnerability scanner Qualys is able to test this issue with plugin 119145 (Adobe Reader and Acrobat Remote Code Execution Vulnerability (APSA11-02 and APSB11-08)). This issue was added on 03/03/2022 to the CISA Known Exploited Vulnerabilities Catalog with a due date of 03/24/2022:
The impacted product is end-of-life and should be disconnected if still in use.Upgrading eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at adobe.com. The best possible mitigation is suggested to be upgrading to the latest version. A possible mitigation has been published 3 days after the disclosure of the vulnerability. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 11072.
The vulnerability is also documented in the databases at Exploit-DB (17473), Zero-Day.cz (69), Tenable (75497), SecurityFocus (BID 47314†) and OSVDB (71686†). Similar entry is available at VDB-57285. If you want to get best quality of vulnerability data, you may have to visit VulDB.
Product
Type
Vendor
Name
License
Support
Website
- Vendor: https://www.adobe.com/
CPE 2.3
CPE 2.2
Video
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 8.4VulDB Meta Temp Score: 8.4
VulDB Base Score: 7.3
VulDB Temp Score: 7.0
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 8.8
NVD Vector: 🔍
CNA Base Score: 8.8
CNA Vector: 🔍
ADP CISA Base Score: 8.8
ADP CISA Vector: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Memory corruptionCWE: CWE-119
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Access: Public
Status: Attacked
Author: Snake
Programming Language: 🔍
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
KEV Added: 🔍
KEV Due: 🔍
KEV Remediation: 🔍
KEV Ransomware: 🔍
KEV Notice: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 75497
Nessus Name: openSUSE Security Update : flash-player (openSUSE-SU-2011:0373-1)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
Nessus Port: 🔍
OpenVAS ID: 801921
OpenVAS Name: Adobe Products Arbitrary Code Execution Vulnerability (Windows)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Saint ID: exploit_info/flash_callmethod_bytecode
Saint Name: Adobe Flash Player callMethod Bytecode Memory Corruption
Qualys ID: 🔍
Qualys Name: 🔍
MetaSploit ID: adobe_flashplayer_flash10o.rb
MetaSploit Name: Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability
MetaSploit File: 🔍
Exploit-DB: 🔍
Zero-Day.cz: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Exploit Delay Time: 🔍
Patch: adobe.com
Suricata ID: 2012622
Suricata Class: 🔍
Suricata Message: 🔍
TippingPoint: 🔍
McAfee IPS: 🔍
McAfee IPS Version: 🔍
PaloAlto IPS: 🔍
Fortigate IPS: 🔍
Timeline
01/20/2011 🔍04/11/2011 🔍
04/11/2011 🔍
04/11/2011 🔍
04/12/2011 🔍
04/12/2011 🔍
04/13/2011 🔍
04/15/2011 🔍
04/18/2011 🔍
07/03/2011 🔍
07/03/2011 🔍
06/13/2014 🔍
04/22/2026 🔍
Sources
Vendor: adobe.comAdvisory: contagiodump.blogspot.com
Researcher: Snake
Organization: Secunia Research
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2011-0611 (🔍)
GCVE (CVE): GCVE-0-2011-0611
GCVE (VulDB): GCVE-100-4330
OVAL: 🔍
IAVM: 🔍
CERT: 🔍
X-Force: 66681
SecurityFocus: 47314 - Adobe Flash Player CVE-2011-0611 'SWF' File Remote Memory Corruption Vulnerability
Secunia: 44119 - Adobe Flash Player SharedObject Type Confusion Vulnerability, Extremely Critical
OSVDB: 71686 - Adobe Flash ActionScript Predefined Class Prototype Addition Remote Code Execution
SecurityTracker: 1025324
Vulnerability Center: 30994 - [APSB11-07, APSB11-08] Adobe Flash Player 10.2.156.12 Remote Memory Corruption Vulnerability, Medium
scip Labs: https://www.scip.ch/en/?labs.20161013
See also: 🔍
Entry
Created: 04/18/2011 02:00Updated: 04/22/2026 09:30
Changes: 04/18/2011 02:00 (101), 03/21/2017 10:02 (18), 03/19/2021 08:38 (4), 03/19/2021 08:43 (1), 04/23/2024 08:03 (23), 07/03/2024 04:27 (21), 07/16/2024 13:23 (2), 09/09/2024 22:29 (1), 01/26/2025 19:00 (2), 04/22/2026 09:30 (11)
Complete: 🔍
Cache ID: 216::103
If you want to get best quality of vulnerability data, you may have to visit VulDB.
No comments yet. Languages: en.
Please log in to comment.