CVE-2011-2458
Description
Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, when Internet Explorer is used, allows remote attackers to bypass the cross-domain policy via a crafted web site.
Risk Information
Base Score
9.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.019
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Upgrade Adobe Air 3.1.0.485 to latest version | Windows |
| Upgrade Adobe flash player 10.0.0.584 to latest version | Windows |
| Multiple vulnerabilities affected in Adobe AIR 3.1.0.485 | Windows |
| Multiple vulnerabilities affected in Adobe Flash Player Plugin 11.1 | Windows |
| Multiple vulnerabilities affected in Adobe Flash Player PPAPI 11.1 | Windows |
| Multiple Vulnerabilities are affected in Adobe AIR 3.1.0.4879 | Windows |
| Multiple Vulnerabilities are affected in Adobe AIR For Mac 3.1.0.4879 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-601945 | Update for Adobe AIR For Mac (32.0.0.125) (Deployment-Only) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234