High severity7.8CISA KEVNVD Advisory· Published Mar 15, 2011· Updated Apr 21, 2026
CVE-2011-0609
CVE-2011-0609
Description
Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.
Affected products
14cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*range: >=9.0,<=9.4.2
- cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*range: >=9.0,<=9.4.2
- cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:acrobat_reader:10.0.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise:10.0:sp3:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:linux_enterprise:10.0:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise:11.0:sp1:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
23- googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.htmlnvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.htmlnvdMailing ListThird Party Advisory
- www.adobe.com/support/security/advisories/apsa11-01.htmlnvdVendor Advisory
- www.kb.cert.org/vuls/id/192052nvdThird Party AdvisoryUS Government Resource
- www.securityfocus.com/bid/46860nvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/66078nvdThird Party AdvisoryVDB Entry
- blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.htmlnvdBroken Link
- secunia.com/advisories/43751nvdBroken Link
- secunia.com/advisories/43757nvdBroken Link
- secunia.com/advisories/43772nvdBroken Link
- secunia.com/advisories/43856nvdBroken Link
- securityreason.com/securityalert/8152nvdBroken Link
- www.adobe.com/support/security/bulletins/apsb11-06.htmlnvdNot Applicable
- www.redhat.com/support/errata/RHSA-2011-0372.htmlnvdBroken Link
- www.vupen.com/english/advisories/2011/0655nvdBroken Link
- www.vupen.com/english/advisories/2011/0656nvdBroken Link
- www.vupen.com/english/advisories/2011/0688nvdBroken Link
- www.vupen.com/english/advisories/2011/0732nvdBroken Link
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14147nvdBroken Link
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.