CVE-2011-2107

Description

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a universal cross-site scripting vulnerability.

Risk Information

Base Score

8.1

MODERATE

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

EPSS Score

Exploitation Probability

1.077

Associated Vulnerability

Vulnerability	OS Platform
Upgrade Adobe flash player 10.0.0.584 to latest version	Windows
Multiple vulnerabilities affected in Acrobat Reader 10.0.3	Windows
Vulnerabilities CVE-2011-2107 are affected in Adobe Flash Player Plugin 10.3.185.22	Windows
Vulnerabilities CVE-2011-2107 are affected in Adobe Flash Player PPAPI 10.3.185.22	Windows
Multiple vulnerabilities affected in Adobe Acrobat X Standard 10.0.3	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-315465	Adobe Acrobat Reader MUI DC (Classic Track) update - All languages (15.006.30527) (APSB20-48)
PATCH-302922	Adobe Acrobat 10.1.16 Pro and Standard update - All languages (APSB15-24) (Deployment-Only)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234