Unrated severityNVD Advisory· Published Aug 10, 2011· Updated Apr 29, 2026

CVE-2011-2137

Description

Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2414, and CVE-2011-2415.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Buffer overflow in Adobe Flash Player and AIR allows arbitrary code execution via unspecified vectors.

Vulnerability

A buffer overflow vulnerability exists in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.3 on Android, as well as in Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android [2]. The vulnerability is triggered via unspecified vectors, as described in the official CVE entry.

Exploitation

An attacker can exploit this vulnerability remotely by convincing a user to open a malicious Flash file (e.g., via a web page or email attachment). No authentication is required, and the attack does not require any special network position beyond delivering the crafted content to the target [2].

Impact

Successful exploitation allows an attacker to execute arbitrary code on the affected system with the privileges of the user running the vulnerable Flash Player or AIR instance. This can lead to full compromise of the user's data and system [2].

Mitigation

Adobe released updates to address this vulnerability: Flash Player 10.3.183.5 and AIR 2.7.1 (and corresponding Android versions) [2]. Red Hat also provided an update via RHSA-2011:1144 [1]. Users should apply the latest updates from Adobe or their operating system vendor as soon as possible.

References

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

103

Adobe Inc./Air11 versions
cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*range: <=2.7
- cpe:2.3:a:adobe:adobe_air:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:adobe_air:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:adobe_air:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:adobe_air:1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:adobe_air:1.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:adobe_air:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:adobe_air:2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:adobe_air:2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:adobe_air:2.6:*:*:*:*:*:*:*
- (no CPE)range: <2.7.1
Adobe Inc./Flashplayer91 versions
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*+ 90 more
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*range: <=10.3.181.36
- cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.102.64:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.105.6:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.106.16:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.95.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.2.152:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.2.152.32:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.2.152.33:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.2.154.13:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.2.154.25:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.2.156.12:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.2.157.51:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.2.159.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.181.14:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.181.16:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.181.23:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.181.34:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.185.21:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.185.23:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.14.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.19.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.24.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.53.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.60.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.61.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.66.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.67.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.68.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.73.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.155.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.262.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.277.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.283.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*
Adobe Inc./Flash Playerllm-fuzzy
Range: <10.3.183.5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000