ID

VAR-201108-0145


CVE

CVE-2011-2139


TITLE

Adobe Flash Player and Adobe AIR Vulnerabilities that bypass the same origin policy

Trust: 0.8

sources: JVNDB: JVNDB-2011-002153

DESCRIPTION

Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. Adobe Flash Player is prone to an unspecified cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. The product enables viewing of applications, content and video across screens and browsers. Remote attackers can use unidentified vectors to bypass the same-origin policy and obtain sensitive information. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: flash-player Announcement ID: SUSE-SA:2011:033 Date: Wed, 10 Aug 2011 14:00:00 +0000 Affected Products: SUSE Linux Enterprise Desktop 11 SP1 SUSE Linux Enterprise Desktop 10 SP4 Vulnerability Type: remote code execution CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) SUSE Default Package: yes Cross-References: CVE-2011-2130, CVE-2011-2134, CVE-2011-2135 CVE-2011-2136, CVE-2011-2137, CVE-2011-2138 CVE-2011-2139, CVE-2011-2140, CVE-2011-2414 CVE-2011-2415, CVE-2011-2416, CVE-2011-2417 CVE-2011-2425 Content of This Advisory: 1) Security Vulnerability Resolved: remote code execution Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: none 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion Flash-Player was updated to version 10.3.188.5 to fix various buffer and integer overflows: - CVE-2011-2130: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2134: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2135: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2136: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2137: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2138: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2139: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2140: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2414: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2415: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2416: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2417: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) - CVE-2011-2425: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) Earlier flash-player versions can be exploited to execute arbitrary code remotely with the privileges of the attacked user. For more details see: http://www.adobe.com/support/security/bulletins/apsb11-21.html 2) Solution or Work-Around none 3) Special Instructions and Notes Pleease restart your browser. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST "Online Update" module or the "zypper" commandline tool. The package and patch management stack will detect which updates are required and automatically perform the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv <file.rpm> to apply the update, replacing <file.rpm> with the filename of the downloaded RPM package. Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: SUSE Linux Enterprise Desktop 10 SP4 http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900 SUSE Linux Enterprise Desktop 11 SP1 http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10 ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: none ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify <file> replacing <file> with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made <DATE> using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team <security@suse.de>" where <DATE> is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuable and important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig <file.rpm> to verify the signature of the package, replacing <file.rpm> with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from build@suse.de with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. - SUSE runs two security mailing lists to which any interested party may subscribe: opensuse-security@opensuse.org - General Linux and SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security+subscribe@opensuse.org>. opensuse-security-announce@opensuse.org - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to <opensuse-security-announce+subscribe@opensuse.org>. The <security@suse.de> public key is listed below. ===================================================================== ______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, the clear text signature should show proof of the authenticity of the text. SUSE Linux Products GmbH provides no warranties of any kind whatsoever with respect to the information contained in this security advisory. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-10.3.183.10" References ========== [ 1 ] APSA11-01 http://www.adobe.com/support/security/advisories/apsa11-01.html [ 2 ] APSA11-02 http://www.adobe.com/support/security/advisories/apsa11-02.html [ 3 ] APSB11-02 http://www.adobe.com/support/security/bulletins/apsb11-02.html [ 4 ] APSB11-12 http://www.adobe.com/support/security/bulletins/apsb11-12.html [ 5 ] APSB11-13 http://www.adobe.com/support/security/bulletins/apsb11-13.html [ 6 ] APSB11-21 https://www.adobe.com/support/security/bulletins/apsb11-21.html [ 7 ] APSB11-26 https://www.adobe.com/support/security/bulletins/apsb11-26.html [ 8 ] CVE-2011-0558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0558 [ 9 ] CVE-2011-0559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0559 [ 10 ] CVE-2011-0560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0560 [ 11 ] CVE-2011-0561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0561 [ 12 ] CVE-2011-0571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0571 [ 13 ] CVE-2011-0572 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0572 [ 14 ] CVE-2011-0573 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0573 [ 15 ] CVE-2011-0574 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0574 [ 16 ] CVE-2011-0575 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0575 [ 17 ] CVE-2011-0577 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0577 [ 18 ] CVE-2011-0578 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0578 [ 19 ] CVE-2011-0579 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0579 [ 20 ] CVE-2011-0589 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0589 [ 21 ] CVE-2011-0607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0607 [ 22 ] CVE-2011-0608 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0608 [ 23 ] CVE-2011-0609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0609 [ 24 ] CVE-2011-0611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0611 [ 25 ] CVE-2011-0618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0618 [ 26 ] CVE-2011-0619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0619 [ 27 ] CVE-2011-0620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0620 [ 28 ] CVE-2011-0621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0621 [ 29 ] CVE-2011-0622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0622 [ 30 ] CVE-2011-0623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0623 [ 31 ] CVE-2011-0624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0624 [ 32 ] CVE-2011-0625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0625 [ 33 ] CVE-2011-0626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0626 [ 34 ] CVE-2011-0627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0627 [ 35 ] CVE-2011-0628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0628 [ 36 ] CVE-2011-2107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2107 [ 37 ] CVE-2011-2110 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2110 [ 38 ] CVE-2011-2125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2135 [ 39 ] CVE-2011-2130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2130 [ 40 ] CVE-2011-2134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2134 [ 41 ] CVE-2011-2136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2136 [ 42 ] CVE-2011-2137 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2137 [ 43 ] CVE-2011-2138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2138 [ 44 ] CVE-2011-2139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2139 [ 45 ] CVE-2011-2140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2140 [ 46 ] CVE-2011-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2414 [ 47 ] CVE-2011-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2415 [ 48 ] CVE-2011-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2416 [ 49 ] CVE-2011-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2417 [ 50 ] CVE-2011-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2424 [ 51 ] CVE-2011-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2425 [ 52 ] CVE-2011-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2426 [ 53 ] CVE-2011-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2427 [ 54 ] CVE-2011-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2428 [ 55 ] CVE-2011-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2429 [ 56 ] CVE-2011-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2430 [ 57 ] CVE-2011-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2444 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201110-11.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2011 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: acroread security update Advisory ID: RHSA-2011:1434-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-1434.html Issue date: 2011-11-08 CVE Names: CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2424 CVE-2011-2425 CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2429 CVE-2011-2430 CVE-2011-2431 CVE-2011-2432 CVE-2011-2433 CVE-2011-2434 CVE-2011-2435 CVE-2011-2436 CVE-2011-2437 CVE-2011-2438 CVE-2011-2439 CVE-2011-2440 CVE-2011-2442 CVE-2011-2444 ===================================================================== 1. Summary: Updated acroread packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: Adobe Reader allows users to view and print documents in Portable Document Format (PDF). This update fixes multiple security flaws in Adobe Reader. These flaws are detailed on the Adobe security page APSB11-24, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. These flaws are detailed on the Adobe security pages APSB11-21 and APSB11-26, listed in the References section. A PDF file with an embedded, specially-crafted SWF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. (CVE-2011-2429) All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.4.6, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 729497 - CVE-2011-2130 CVE-2011-2134 CVE-2011-2135 CVE-2011-2136 CVE-2011-2137 CVE-2011-2138 CVE-2011-2139 CVE-2011-2140 CVE-2011-2414 CVE-2011-2415 CVE-2011-2416 CVE-2011-2417 CVE-2011-2425 flash-plugin: multiple arbitrary code execution flaws (APSB-11-21) 740201 - CVE-2011-2444 acroread, flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26 740204 - CVE-2011-2429 acroread, flash-plugin: security control bypass information disclosure fixed in APSB11-26 740388 - CVE-2011-2426 CVE-2011-2427 CVE-2011-2428 CVE-2011-2430 acroread, flash-plugin: critical flaws fixed in APSB11-26 749381 - acroread: multiple code execution flaws (APSB11-24) 6. Package List: Red Hat Enterprise Linux AS version 4 Extras: i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm x86_64: acroread-9.4.6-1.el4.i386.rpm Red Hat Desktop version 4 Extras: i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm x86_64: acroread-9.4.6-1.el4.i386.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm x86_64: acroread-9.4.6-1.el4.i386.rpm Red Hat Enterprise Linux WS version 4 Extras: i386: acroread-9.4.6-1.el4.i386.rpm acroread-plugin-9.4.6-1.el4.i386.rpm x86_64: acroread-9.4.6-1.el4.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm x86_64: acroread-9.4.6-1.el5.i386.rpm acroread-plugin-9.4.6-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm x86_64: acroread-9.4.6-1.el6.i686.rpm acroread-plugin-9.4.6-1.el6.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2011-2130.html https://www.redhat.com/security/data/cve/CVE-2011-2134.html https://www.redhat.com/security/data/cve/CVE-2011-2135.html https://www.redhat.com/security/data/cve/CVE-2011-2136.html https://www.redhat.com/security/data/cve/CVE-2011-2137.html https://www.redhat.com/security/data/cve/CVE-2011-2138.html https://www.redhat.com/security/data/cve/CVE-2011-2139.html https://www.redhat.com/security/data/cve/CVE-2011-2140.html https://www.redhat.com/security/data/cve/CVE-2011-2414.html https://www.redhat.com/security/data/cve/CVE-2011-2415.html https://www.redhat.com/security/data/cve/CVE-2011-2416.html https://www.redhat.com/security/data/cve/CVE-2011-2417.html https://www.redhat.com/security/data/cve/CVE-2011-2424.html https://www.redhat.com/security/data/cve/CVE-2011-2425.html https://www.redhat.com/security/data/cve/CVE-2011-2426.html https://www.redhat.com/security/data/cve/CVE-2011-2427.html https://www.redhat.com/security/data/cve/CVE-2011-2428.html https://www.redhat.com/security/data/cve/CVE-2011-2429.html https://www.redhat.com/security/data/cve/CVE-2011-2430.html https://www.redhat.com/security/data/cve/CVE-2011-2431.html https://www.redhat.com/security/data/cve/CVE-2011-2432.html https://www.redhat.com/security/data/cve/CVE-2011-2433.html https://www.redhat.com/security/data/cve/CVE-2011-2434.html https://www.redhat.com/security/data/cve/CVE-2011-2435.html https://www.redhat.com/security/data/cve/CVE-2011-2436.html https://www.redhat.com/security/data/cve/CVE-2011-2437.html https://www.redhat.com/security/data/cve/CVE-2011-2438.html https://www.redhat.com/security/data/cve/CVE-2011-2439.html https://www.redhat.com/security/data/cve/CVE-2011-2440.html https://www.redhat.com/security/data/cve/CVE-2011-2442.html https://www.redhat.com/security/data/cve/CVE-2011-2444.html https://access.redhat.com/security/updates/classification/#critical http://www.adobe.com/support/security/bulletins/apsb11-21.html http://www.adobe.com/support/security/bulletins/apsb11-24.html http://www.adobe.com/support/security/bulletins/apsb11-26.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFOuRkFXlSAg2UNWIIRAqaIAJoC3LKpTEj6IsfoUq9JqGuHAKt3bACfcz3q 0+KSTL2IByBwtP8+xfPmUNE= =qFq6 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ---------------------------------------------------------------------- The Secunia CSI 5.0 Beta - now available for testing Find out more, take a free test drive, and share your opinion with us: http://secunia.com/blog/242 ---------------------------------------------------------------------- TITLE: Red Hat update for flash-plugin SECUNIA ADVISORY ID: SA45593 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45593/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45593 RELEASE DATE: 2011-08-12 DISCUSS ADVISORY: http://secunia.com/advisories/45593/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45593/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45593 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1144-1: https://rhn.redhat.com/errata/RHSA-2011-1144.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor

Trust: 2.52

sources: NVD: CVE-2011-2139 // JVNDB: JVNDB-2011-002153 // BID: 49086 // VULHUB: VHN-50084 // PACKETSTORM: 103913 // PACKETSTORM: 103946 // PACKETSTORM: 105802 // PACKETSTORM: 109194 // PACKETSTORM: 106736 // PACKETSTORM: 103929

AFFECTED PRODUCTS

vendor:adobemodel:airscope:eqversion:2.6

Trust: 1.9

vendor:adobemodel:flash playerscope:eqversion:7.0.61.0

Trust: 1.9

vendor:adobemodel:airscope:eqversion:1.5.3

Trust: 1.6

vendor:adobemodel:airscope:eqversion:1.5

Trust: 1.6

vendor:adobemodel:airscope:eqversion:2.0.3

Trust: 1.6

vendor:adobemodel:flash playerscope:eqversion:7.0.25

Trust: 1.6

vendor:adobemodel:airscope:eqversion:2.0.2

Trust: 1.6

vendor:adobemodel:airscope:eqversion:1.0

Trust: 1.6

vendor:adobemodel:airscope:eqversion:1.5.2

Trust: 1.6

vendor:adobemodel:airscope:eqversion:1.1

Trust: 1.6

vendor:adobemodel:flash playerscope:eqversion:9.0.246.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:8.0.35.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:9.0.115.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.25

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:7.0.60.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:7.0.14.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.1.95.1

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.2.156.12

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.1.95.2

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:9.0.155.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.33

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.13

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:7.0.53.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:9.0.262.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.2.157.51

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.14

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.1.92.8

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.1.52.15

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.32

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:7.0.68.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.16

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:7.0.66.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:9.0.28.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:9.0.260.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.23

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.1.52.14.1

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.0.32.18

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:9.0.277.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.0.12.36

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:9.0.283.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.21

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.1.53.64

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:9.0.124.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.23

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.34

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:9.0.152.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.0.22.87

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.1.85.3

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.1.82.76

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:7.0.73.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:9.0.159.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:7.0.69.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:9.0.151.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.0.15.3

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:9.0.31.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.2.159.1

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.1.105.6

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:9.0.47.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:9.0.45.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:7.0.24.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:7.0.19.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:8.0.34.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.0.42.34

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:9.0.48.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:7.0.67.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.1.92.10

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:7.0.70.0

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.1.106.16

Trust: 1.3

vendor:adobemodel:flash playerscope:eqversion:10.1.102.64

Trust: 1.3

vendor:adobemodel:airscope:eqversion:2.7

Trust: 1.1

vendor:adobemodel:flash playerscope:eqversion:10.0.0.584

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:9.0.20.0

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:6.0.21.0

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:8.0.24.0

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:9.0.114.0

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:9.0.28

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:7.0.63

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:8.0.22.0

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:9.0

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:8.0

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:10.0.45.2

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:7.1

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:10.0.12.10

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:8.0.33.0

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:9.0.20

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:9.0.112.0

Trust: 1.0

vendor:adobemodel:flash playerscope:lteversion:10.3.185.25

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:7.0

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:9.0.18d60

Trust: 1.0

vendor:adobemodel:flash playerscope:lteversion:10.3.181.36

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:8.0.39.0

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:7.0.1

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:9.0.16

Trust: 1.0

vendor:adobemodel:airscope:eqversion:2.0.4

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:7.1.1

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:9.0.125.0

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:8.0.42.0

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:7.2

Trust: 1.0

vendor:adobemodel:airscope:lteversion:2.7

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:9.125.0

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:6.0.79

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:9.0.31

Trust: 1.0

vendor:adobemodel:flash playerscope:lteversion:10.3.181.34

Trust: 0.8

vendor:adobemodel:flash playerscope:lteversion:10.3.181.36 for chrome users

Trust: 0.8

vendor:adobemodel:flash playerscope:lteversion:10.3.185.25 for android

Trust: 0.8

vendor:hewlett packardmodel:hp systems insight managerscope:ltversion:7.0

Trust: 0.8

vendor:red hatmodel:enterprise linux server supplementaryscope:eqversion:6

Trust: 0.8

vendor:red hatmodel:enterprise linux server supplementary eusscope:eqversion:6.1.z

Trust: 0.8

vendor:red hatmodel:enterprise linux workstation supplementaryscope:eqversion:6

Trust: 0.8

vendor:red hatmodel:rhel desktop supplementaryscope:eqversion:5 (client)

Trust: 0.8

vendor:red hatmodel:rhel desktop supplementaryscope:eqversion:6

Trust: 0.8

vendor:red hatmodel:rhel supplementaryscope:eqversion:5 (server)

Trust: 0.8

vendor:red hatmodel:rhel supplementary eusscope:eqversion:5.6.z (server)

Trust: 0.8

vendor:red hatmodel:rhel supplementary long lifescope:eqversion:5.6 (server)

Trust: 0.8

vendor:googlemodel:chromescope:eqversion:9.0.597.94

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11.0.696.57

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.12.35

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:12.0.742.100

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.21

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.6.19140

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.280

Trust: 0.3

vendor:adobemodel:flash playerscope:neversion:10.3.186.3

Trust: 0.3

vendor:redhatmodel:enterprise linux supplementary serverscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux server supplementaryscope:eqversion:6

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11.0.696.43

Trust: 0.3

vendor:hpmodel:systems insight managerscope:neversion:7.0

Trust: 0.3

vendor:hpmodel:systems insight manager sp2scope:eqversion:5.2

Trust: 0.3

vendor:redhatmodel:desktop extrasscope:eqversion:4

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.22

Trust: 0.3

vendor:hpmodel:systems insight manager sp6scope:eqversion:5.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.51.66

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:13

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.3

Trust: 0.3

vendor:redhatmodel:enterprise linux as extrasscope:eqversion:4

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.27

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.153.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:10.0.648.204

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.2460

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:10.0.648.128

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:8

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.22

Trust: 0.3

vendor:hpmodel:systems insight managerscope:eqversion:6.1

Trust: 0.3

vendor:hpmodel:systems insight managerscope:eqversion:6.0.0.96

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.26

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation supplementaryscope:eqversion:6

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.4

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:10.0.648.127

Trust: 0.3

vendor:sunmodel:solaris expressscope:eqversion:11

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.262

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11.0.696.65

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.24

Trust: 0.3

vendor:hpmodel:systems insight managerscope:eqversion:5.3

Trust: 0.3

vendor:hpmodel:systems insight manager sp1scope:eqversion:4.2

Trust: 0.3

vendor:hpmodel:systems insight manager sp3scope:eqversion:5.0

Trust: 0.3

vendor:hpmodel:systems insight manager sp2scope:eqversion:4.2

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:9.0.597.107

Trust: 0.3

vendor:hpmodel:systems insight manager sp1scope:eqversion:5.0

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp1scope:eqversion:11

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.18

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:12.0.742.112

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11.0.696.71

Trust: 0.3

vendor:hpmodel:systems insight managerscope:eqversion:4.2

Trust: 0.3

vendor:xeroxmodel:freeflow print server 73.b3.61scope: - version: -

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.3218

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.289.0

Trust: 0.3

vendor:hpmodel:systems insight managerscope:eqversion:5.0

Trust: 0.3

vendor:redhatmodel:enterprise linux extrasscope:eqversion:4

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:12.0.742.91

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.25

Trust: 0.3

vendor:sunmodel:solaris 10 sparcscope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementary clientscope:eqversion:5

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:9.0.597.84

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:avayamodel:interactive responsescope:eqversion:4.0

Trust: 0.3

vendor:googlemodel:chromescope:neversion:13.0.782.112

Trust: 0.3

vendor:hpmodel:systems insight managerscope:eqversion:6.0

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:13.0.782.107

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11.0.696.77

Trust: 0.3

vendor:redhatmodel:enterprise linux ws extrasscope:eqversion:4

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.452

Trust: 0.3

vendor:hpmodel:systems insight manager sp2scope:eqversion:5.0

Trust: 0.3

vendor:adobemodel:flash playerscope:neversion:10.3.183.5

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11.0.696.68

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11.0.672.2

Trust: 0.3

vendor:redhatmodel:enterprise linux es extrasscope:eqversion:4

Trust: 0.3

vendor:adobemodel:airscope:neversion:2.7.1

Trust: 0.3

vendor:hpmodel:systems insight managerscope:eqversion:6.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:12

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:10

Trust: 0.3

vendor:sunmodel:solaris 10 x86scope: - version: -

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:11

Trust: 0.3

vendor:hpmodel:systems insight manager sp5scope:eqversion:5.0

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp4scope:eqversion:10

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:10.0.648.133

Trust: 0.3

vendor:hpmodel:systems insight managerscope:eqversion:6.2

Trust: 0.3

vendor:adobemodel:airscope:neversion:2.7.1.1961

Trust: 0.3

vendor:hpmodel:systems insight manager sp1scope:eqversion:5.1

Trust: 0.3

vendor:adobemodel:flash player release candidascope:eqversion:10.1

Trust: 0.3

vendor:googlemodel:chromescope:eqversion:10.0.648.205

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.28

Trust: 0.3

vendor:hpmodel:systems insight manager updatescope:eqversion:5.31

Trust: 0.3

vendor:adobemodel:airscope:eqversion:2.6.19120

Trust: 0.3

vendor:xeroxmodel:freeflow print server 73.c0.41scope: - version: -

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.102.65

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementaryscope:eqversion:6

Trust: 0.3

sources: BID: 49086 // JVNDB: JVNDB-2011-002153 // CNNVD: CNNVD-201108-192 // NVD: CVE-2011-2139

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2011-2139
value: MEDIUM

Trust: 1.0

NVD: CVE-2011-2139
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201108-192
value: MEDIUM

Trust: 0.6

VULHUB: VHN-50084
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2011-2139
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-50084
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-50084 // JVNDB: JVNDB-2011-002153 // CNNVD: CNNVD-201108-192 // NVD: CVE-2011-2139

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-50084 // JVNDB: JVNDB-2011-002153 // NVD: CVE-2011-2139

THREAT TYPE

remote

Trust: 0.8

sources: PACKETSTORM: 105802 // PACKETSTORM: 109194 // CNNVD: CNNVD-201108-192

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201108-192

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-002153

PATCH

title:APSB11-21url:http://www.adobe.com/support/security/bulletins/apsb11-21.html

Trust: 0.8

title:APSB11-21 (cpsid_91448)url:http://kb2.adobe.com/jp/cps/914/cpsid_91448.html

Trust: 0.8

title:APSB11-21url:http://www.adobe.com/jp/support/security/bulletins/apsb11-21.html

Trust: 0.8

title:HPSBMU02769 SSRT100846url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03298151

Trust: 0.8

title:RHSA-2011:1144url:https://rhn.redhat.com/errata/RHSA-2011-1144.html

Trust: 0.8

title:TA11-222Aurl:http://software.fujitsu.com/jp/security/vulnerabilities/ta11-222a.html

Trust: 0.8

sources: JVNDB: JVNDB-2011-002153

EXTERNAL IDS

db:NVDid:CVE-2011-2139

Trust: 3.3

db:USCERTid:TA11-222A

Trust: 1.9

db:SECUNIAid:45529

Trust: 1.4

db:SECUNIAid:45583

Trust: 1.4

db:BIDid:49086

Trust: 1.2

db:SECUNIAid:48308

Trust: 1.1

db:SECUNIAid:45593

Trust: 0.9

db:SECTRACKid:1025907

Trust: 0.8

db:SECTRACKid:1025914

Trust: 0.8

db:OSVDBid:74438

Trust: 0.8

db:USCERTid:SA11-222A

Trust: 0.8

db:JVNDBid:JVNDB-2011-002153

Trust: 0.8

db:CNNVDid:CNNVD-201108-192

Trust: 0.7

db:NSFOCUSid:17524

Trust: 0.6

db:NSFOCUSid:17880

Trust: 0.6

db:BIDid:49090

Trust: 0.6

db:VULHUBid:VHN-50084

Trust: 0.1

db:PACKETSTORMid:103913

Trust: 0.1

db:PACKETSTORMid:103946

Trust: 0.1

db:PACKETSTORMid:105802

Trust: 0.1

db:PACKETSTORMid:109194

Trust: 0.1

db:PACKETSTORMid:106736

Trust: 0.1

db:PACKETSTORMid:103929

Trust: 0.1

sources: VULHUB: VHN-50084 // BID: 49086 // JVNDB: JVNDB-2011-002153 // PACKETSTORM: 103913 // PACKETSTORM: 103946 // PACKETSTORM: 105802 // PACKETSTORM: 109194 // PACKETSTORM: 106736 // PACKETSTORM: 103929 // CNNVD: CNNVD-201108-192 // NVD: CVE-2011-2139

REFERENCES

url:http://www.adobe.com/support/security/bulletins/apsb11-21.html

Trust: 2.4

url:http://www.us-cert.gov/cas/techalerts/ta11-222a.html

Trust: 1.9

url:http://secunia.com/advisories/45529

Trust: 1.4

url:http://secunia.com/advisories/45583

Trust: 1.4

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14204

Trust: 1.1

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16030

Trust: 1.1

url:http://www.redhat.com/support/errata/rhsa-2011-1144.html

Trust: 1.1

url:http://secunia.com/advisories/48308

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00006.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00007.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00008.html

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2139

Trust: 0.8

url:https://www.jpcert.or.jp/at/2011/at110022.txt

Trust: 0.8

url:http://jvn.jp/cert/jvnta11-222a

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2139

Trust: 0.8

url:http://osvdb.org/74438

Trust: 0.8

url:http://secunia.com/advisories/45593

Trust: 0.8

url:http://www.securityfocus.com/bid/49086

Trust: 0.8

url:http://www.securitytracker.com/id?1025914

Trust: 0.8

url:http://www.securitytracker.com/id?1025907

Trust: 0.8

url:http://www.us-cert.gov/cas/alerts/sa11-222a.html

Trust: 0.8

url:http://www.npa.go.jp/cyberpolice/#topics

Trust: 0.8

url:http://www.securityfocus.com/bid/49090

Trust: 0.6

url:http://www.nsfocus.net/vulndb/17524

Trust: 0.6

url:http://www.nsfocus.net/vulndb/17880

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2011-2130

Trust: 0.4

url:http://www.adobe.com

Trust: 0.3

url:http://googlechromereleases.blogspot.com/2011/08/stable-channel-update_09.html

Trust: 0.3

url:http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer

Trust: 0.3

url:http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_adobe_flashplayer2

Trust: 0.3

url:http://support.avaya.com/css/p8/documents/100151664

Trust: 0.3

url:http://www.xerox.com/download/security/security-bulletin/1284333-14afb-4baadb5bccb00/cert_xrx12-002_v1.1.pdf

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-2416

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-2137

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-2414

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-2425

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-2415

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-2139

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-2135

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-2417

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-2136

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-2138

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-2134

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2011-2140

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2011-2425.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2011-2415.html

Trust: 0.2

url:https://access.redhat.com/kb/docs/doc-11259

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#critical

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2011-2138.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2011-2416.html

Trust: 0.2

url:https://access.redhat.com/security/team/contact/

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2011-2135.html

Trust: 0.2

url:https://rhn.redhat.com/errata/rhsa-2011-1144.html

Trust: 0.2

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2011-2137.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2011-2140.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2011-2130.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2011-2414.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2011-2139.html

Trust: 0.2

url:https://access.redhat.com/security/team/key/#package

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2011-2134.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2011-2417.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2011-2136.html

Trust: 0.2

url:http://bugzilla.redhat.com/):

Trust: 0.2

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2414

Trust: 0.2

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2417

Trust: 0.2

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.2

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2415

Trust: 0.2

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2135

Trust: 0.2

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2139

Trust: 0.2

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2425

Trust: 0.2

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2416

Trust: 0.2

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2424

Trust: 0.2

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2130

Trust: 0.2

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2134

Trust: 0.2

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2137

Trust: 0.2

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2138

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2011-0589

Trust: 0.2

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2136

Trust: 0.2

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0589

Trust: 0.2

url:https://www.adobe.com/support/security/bulletins/apsb11-26.html

Trust: 0.2

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2140

Trust: 0.2

url:http://security.gentoo.org/

Trust: 0.2

url:https://bugs.gentoo.org.

Trust: 0.2

url:http://download.novell.com/patch/finder/?keywords=377e091a105e9d540a2a90f09cff0a10

Trust: 0.1

url:http://secunia.com/

Trust: 0.1

url:http://lists.grok.org.uk/full-disclosure-charter.html

Trust: 0.1

url:http://download.novell.com/patch/finder/?keywords=7c71e4aec6afd72e6b40f8cf2817e900

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0579

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0624

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0627

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0622

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0626

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0608

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0574

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0625

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0575

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0558

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0572

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2444

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0607

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0623

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0560

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0620

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0621

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0560

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0609

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0624

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0626

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2107

Trust: 0.1

url:http://www.adobe.com/support/security/bulletins/apsb11-02.html

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2429

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2110

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0628

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0574

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0573

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0575

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0571

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0559

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2426

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0620

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0579

Trust: 0.1

url:http://www.adobe.com/support/security/bulletins/apsb11-13.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0578

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0611

Trust: 0.1

url:http://www.adobe.com/support/security/bulletins/apsb11-12.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0573

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0561

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0572

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0618

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0619

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0561

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0558

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0578

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0623

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0621

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0577

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0609

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0627

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2428

Trust: 0.1

url:http://www.adobe.com/support/security/advisories/apsa11-02.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0619

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0628

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0607

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2430

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2427

Trust: 0.1

url:http://security.gentoo.org/glsa/glsa-201110-11.xml

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0559

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0625

Trust: 0.1

url:http://www.adobe.com/support/security/advisories/apsa11-01.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0608

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0571

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0622

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0611

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0618

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0577

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2432

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0599

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0604

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0567

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0605

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0591

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0586

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0587

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0587

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2438

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0600

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2462

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2434

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0565

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0567

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0596

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0603

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0563

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2431

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0595

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0570

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0588

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0595

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2010-4091

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-4369

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0562

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2436

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0596

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0604

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0588

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2439

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0585

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2441

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0598

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0603

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0562

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0602

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0593

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0592

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0590

Trust: 0.1

url:http://security.gentoo.org/glsa/glsa-201201-19.xml

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0585

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0586

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0565

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0606

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0570

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0594

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0600

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0592

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2433

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0566

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0599

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2010-4091

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2442

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2437

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0606

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0566

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2435

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0594

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0605

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0563

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0591

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-0593

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-2440

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0602

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0590

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-0598

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2438

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-2424.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2429

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-2432.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-2436.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-2438.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-2428.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2434

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-2444.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-2439.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-2431.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2428

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2430

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2433

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2435

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-2430.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-2435.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-2442.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-2433.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2427

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2432

Trust: 0.1

url:http://www.adobe.com/support/security/bulletins/apsb11-24.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2426

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2431

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-2426.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2436

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2011-1434.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-2437.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-2429.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-2427.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-2440.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2011-2434.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2437

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2439

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2011-2424

Trust: 0.1

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url:http://secunia.com/blog/242

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=45593

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/advisories/45593/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/advisories/45593/#comments

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: VULHUB: VHN-50084 // BID: 49086 // JVNDB: JVNDB-2011-002153 // PACKETSTORM: 103913 // PACKETSTORM: 103946 // PACKETSTORM: 105802 // PACKETSTORM: 109194 // PACKETSTORM: 106736 // PACKETSTORM: 103929 // CNNVD: CNNVD-201108-192 // NVD: CVE-2011-2139

CREDITS

Houssam Sahli

Trust: 0.6

sources: CNNVD: CNNVD-201108-192

SOURCES

db:VULHUBid:VHN-50084
db:BIDid:49086
db:JVNDBid:JVNDB-2011-002153
db:PACKETSTORMid:103913
db:PACKETSTORMid:103946
db:PACKETSTORMid:105802
db:PACKETSTORMid:109194
db:PACKETSTORMid:106736
db:PACKETSTORMid:103929
db:CNNVDid:CNNVD-201108-192
db:NVDid:CVE-2011-2139

LAST UPDATE DATE

2024-11-21T21:57:40.228000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-50084date:2018-10-30T00:00:00
db:BIDid:49086date:2015-03-19T08:11:00
db:JVNDBid:JVNDB-2011-002153date:2013-03-26T00:00:00
db:CNNVDid:CNNVD-201108-192date:2011-08-17T00:00:00
db:NVDid:CVE-2011-2139date:2018-10-30T16:26:24.687

SOURCES RELEASE DATE

db:VULHUBid:VHN-50084date:2011-08-10T00:00:00
db:BIDid:49086date:2011-08-09T00:00:00
db:JVNDBid:JVNDB-2011-002153date:2011-08-29T00:00:00
db:PACKETSTORMid:103913date:2011-08-11T04:36:04
db:PACKETSTORMid:103946date:2011-08-12T05:17:05
db:PACKETSTORMid:105802date:2011-10-14T06:16:06
db:PACKETSTORMid:109194date:2012-01-31T00:07:37
db:PACKETSTORMid:106736date:2011-11-08T15:21:13
db:PACKETSTORMid:103929date:2011-08-11T08:17:54
db:CNNVDid:CNNVD-201108-192date:1900-01-01T00:00:00
db:NVDid:CVE-2011-2139date:2011-08-10T22:55:00.860