PT-2011-3884 · Adobe+1 · Flash Player+2
Published
2011-11-11
·
Updated
2018-11-29
·
CVE-2011-2458
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Adobe Flash Player versions prior to 10.3.183.11 and 11.x prior to 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and prior to 11.1.102.59 on Android
Adobe AIR versions prior to 3.1.0.4880
Description
The issue allows remote attackers to bypass the cross-domain policy via a crafted web site when Internet Explorer is used.
Recommendations
For Adobe Flash Player versions prior to 10.3.183.11, update to version 10.3.183.11 or later.
For Adobe Flash Player 11.x versions prior to 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris, update to version 11.1.102.55 or later.
For Adobe Flash Player 11.x versions prior to 11.1.102.59 on Android, update to version 11.1.102.59 or later.
For Adobe AIR versions prior to 3.1.0.4880, update to version 3.1.0.4880 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Air
Flash Player
Internet Explorer