Rapid7 Vulnerability & Exploit Database

Security update for Adobe AIR (CVE-2011-0609)

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

Security update for Adobe AIR (CVE-2011-0609)

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

03/15/2011

Created

07/25/2018

Added

03/21/2012

Modified

06/09/2022

Description

Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.

Solution(s)

adobe-air-upgrade-latest

References

https://attackerkb.com/topics/cve-2011-0609
46860
192052
CVE - 2011-0609
OVAL14147
RHSA-2011:0372
http://www.adobe.com/support/security/bulletins/apsb11-05.html
66078

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;