CVE-2011-0609
Publication date 15 March 2011
Last updated 25 August 2025
Ubuntu priority
Cvss 3 Severity Score
Description
Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| acroread | ||
| adobe-flashplugin | ||
| flashplugin-nonfree | ||
Notes
mdeslaur
Upstream description: "memory corruption vulnerability that could lead to code execution" upstream says acroread 9.x on UNIX isn't affected
Severity score breakdown
CVSS version: CVSS v3.0
Base score
7.8 · High
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H