10 - TA11-166A

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	Adobe Updates for Multiple Vulnerabilities

Informations
Name	TA11-166A	First vendor Publication	2011-06-15
Vendor	US-CERT	Last vendor Modification	2011-06-15
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Adobe has released Security Bulletin APSB11-16, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat.

Adobe has released Security Bulletin APSB11-17, which describes multiple vulnerabilities affecting Adobe Shockwave Player.

Adobe has released Security Bulletin APSB11-18, which describes multiple vulnerabilities affecting Adobe Flash Player.

I. Description

Adobe Security Bulletin APSB11-16 describes a number of vulnerabilities affecting Adobe Reader and Acrobat. These vulnerabilities affect Reader and Acrobat 9.3.4, earlier 9.x versions, 8.2.6, and earlier 8.x versions. These vulnerabilities also affect Reader X and Acrobat X 10.0.3, 10.0.1, and earlier 10.x versions.

An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in, which can automatically open PDF documents hosted on a website, is available for multiple web browsers and operating systems.

Adobe Security Bulletin APSB11-17 describes a number of vulnerabilities affecting Adobe Shockwave Player. These vulnerabilities affect Shockwave Player 11.5.9.620 and earlier versions.

An attacker could exploit this vulnerability by convincing a user to open specially crafted Shockwave content. Shockwave content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.

Adobe Security Bulletin APSB11-18 describes a number of vulnerabilities affecting Adobe Flash Player. These vulnerabilities affect Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems. These vulnerabilities also affect Flash Player 10.3.185.23 and earlier versions for Android.

An attacker could exploit this vulnerability by convincing a user to open specially crafted Flash content. Flash content is commonly hosted on a web page, but it can also be embedded in PDF and other documents or provided as a stand-alone file.

II. Impact

These vulnerabilities could allow a remote attacker to execute arbitrary code, write arbitrary files or folders to the file system, escalate local privileges, or cause a denial of service on an affected system as the result of a user opening a malicious PDF file.

If a user opens specially crafted Shockwave content, a remote attacker may be able to execute arbitrary code.

If a user opens specially crafted Flash content, a remote attacker may be able to execute arbitrary code.

III. Solution

Update Reader

Adobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB11-16 and update vulnerable versions of Adobe Reader and Acrobat.

Update Adobe Shockwave Player

Adobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB11-17 and update vulnerable versions of Adobe Shockwave Player.

Update Adobe Flash Player

Adobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB11-18 and update vulnerable versions of Adobe Adobe Flash Player.

Disable Flash in your web browser

Uninstall Flash or restrict which sites are allowed to run Flash.
To the extent possible, only run trusted Flash content on trusted domains. For more information, see Securing Your Web Browser.

Disable Flash in Adobe Reader and Acrobat

Disabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D &
Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:

Microsoft Windows
"%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll"
"%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"

Apple Mac OS X
"/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/AuthPlayLib.bundle"
"/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/Adobe3D.framework"

GNU/Linux (locations may vary among distributions)
"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so"
"/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"

File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required.

Disable JavaScript in Adobe Reader and Acrobat

Disabling JavaScript may prevent some exploits from resulting in code execution. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).

Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks.

Prevent Internet Explorer from automatically opening PDF files

The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\AcroExch.Document.7]
"EditFlags"=hex:00,00,00,00

Disable the display of PDF files in the web browser

Preventing PDF files from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.

To prevent PDF files from automatically being opened in a web browser, do the following:

1. Open Adobe Acrobat Reader.
2. Open the Edit menu.
3. Choose the Preferences option.
4. Choose the Internet section.
5. Uncheck the "Display PDF in browser" checkbox.

Do not access PDF files from untrusted sources

Do not open unfamiliar or unexpected PDF files, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010.

Original Source

Url : http://www.us-cert.gov/cas/techalerts/TA11-166A.html

CWE : Common Weakness Enumeration

%	Id	Name
83 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
11 %	CWE-189	Numeric Errors (CWE/SANS Top 25)
3 %	CWE-94	Failure to Control Generation of Code ('Code Injection')
3 %	CWE-20	Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:13684

Oval ID:	oval:org.mitre.oval:def:13684
Title:	Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2098.
Description:	Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2098.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-2099	Version:	13
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Adobe Acrobat Adobe Reader
Definition Synopsis:
Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 Adobe Acrobat 10.x is installed AND Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 OR Check if the version of Adobe Acrobat is less than or equal to 9.4.0 Adobe Acrobat 9 Series is installed AND Check if the version of Adobe Acrobat is less than or equal to 9.4.0 OR Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 Adobe Acrobat 8 Series is installed AND Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 OR Determine if the version of Adobe Reader is less than or equal to 9.4.4 Adobe Reader 9 Series is installed AND Determine if the version of Adobe Reader is less than or equal to 9.4.4 OR Adobe Reader library is less than or equal to 8.2.3 Adobe Reader 8 Series is installed AND Adobe Reader library is less than or equal to 8.2.3 OR Determine if the version of Adobe Reader is less than or equal to 10.0 Adobe Reader 10.x is installed AND Determine if the version of Adobe Reader is less than or equal to 10.0

Definition Id: oval:org.mitre.oval:def:13738

Oval ID:	oval:org.mitre.oval:def:13738
Title:	Adobe Reader and Acrobat 8.x before 8.3 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Description:	Adobe Reader and Acrobat 8.x before 8.3 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-2103	Version:	7
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Adobe Reader Adobe Acrobat
Definition Synopsis:
Adobe Reader library is less than or equal to 8.2.3 Adobe Reader 8 Series is installed AND Adobe Reader library is less than or equal to 8.2.3 OR Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 Adobe Acrobat 8 Series is installed AND Determine if the version of Adobe Acrobat is less than or equal to 8.2.6

Definition Id: oval:org.mitre.oval:def:13747

Oval ID:	oval:org.mitre.oval:def:13747
Title:	Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2095 and CVE-2011-2097.
Description:	Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2095 and CVE-2011-2097.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-2094	Version:	13
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Adobe Acrobat Adobe Reader
Definition Synopsis:
Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 Adobe Acrobat 10.x is installed AND Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 OR Check if the version of Adobe Acrobat is less than or equal to 9.4.0 Adobe Acrobat 9 Series is installed AND Check if the version of Adobe Acrobat is less than or equal to 9.4.0 OR Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 Adobe Acrobat 8 Series is installed AND Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 OR Determine if the version of Adobe Reader is less than or equal to 9.4.4 Adobe Reader 9 Series is installed AND Determine if the version of Adobe Reader is less than or equal to 9.4.4 OR Adobe Reader library is less than or equal to 8.2.3 Adobe Reader 8 Series is installed AND Adobe Reader library is less than or equal to 8.2.3 OR Determine if the version of Adobe Reader is less than or equal to 10.0 Adobe Reader 10.x is installed AND Determine if the version of Adobe Reader is less than or equal to 10.0

Definition Id: oval:org.mitre.oval:def:13858

Oval ID:	oval:org.mitre.oval:def:13858
Title:	Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.
Description:	Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-2096	Version:	13
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Adobe Acrobat Adobe Reader
Definition Synopsis:
Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 Adobe Acrobat 10.x is installed AND Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 OR Check if the version of Adobe Acrobat is less than or equal to 9.4.0 Adobe Acrobat 9 Series is installed AND Check if the version of Adobe Acrobat is less than or equal to 9.4.0 OR Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 Adobe Acrobat 8 Series is installed AND Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 OR Determine if the version of Adobe Reader is less than or equal to 9.4.4 Adobe Reader 9 Series is installed AND Determine if the version of Adobe Reader is less than or equal to 9.4.4 OR Adobe Reader library is less than or equal to 8.2.3 Adobe Reader 8 Series is installed AND Adobe Reader library is less than or equal to 8.2.3 OR Determine if the version of Adobe Reader is less than or equal to 10.0 Adobe Reader 10.x is installed AND Determine if the version of Adobe Reader is less than or equal to 10.0

Definition Id: oval:org.mitre.oval:def:13863

Oval ID:	oval:org.mitre.oval:def:13863
Title:	Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.
Description:	Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-2104	Version:	13
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Adobe Acrobat Adobe Reader
Definition Synopsis:
Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 Adobe Acrobat 10.x is installed AND Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 OR Check if the version of Adobe Acrobat is less than or equal to 9.4.0 Adobe Acrobat 9 Series is installed AND Check if the version of Adobe Acrobat is less than or equal to 9.4.0 OR Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 Adobe Acrobat 8 Series is installed AND Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 OR Determine if the version of Adobe Reader is less than or equal to 9.4.4 Adobe Reader 9 Series is installed AND Determine if the version of Adobe Reader is less than or equal to 9.4.4 OR Adobe Reader library is less than or equal to 8.2.3 Adobe Reader 8 Series is installed AND Adobe Reader library is less than or equal to 8.2.3 OR Determine if the version of Adobe Reader is less than or equal to 10.0 Adobe Reader 10.x is installed AND Determine if the version of Adobe Reader is less than or equal to 10.0

Definition Id: oval:org.mitre.oval:def:13919

Oval ID:	oval:org.mitre.oval:def:13919
Title:	Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X do not properly restrict script, which allows attackers to execute arbitrary code via a crafted document, related to a "cross document script execution vulnerability."
Description:	Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X do not properly restrict script, which allows attackers to execute arbitrary code via a crafted document, related to a "cross document script execution vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-2101	Version:	13
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Adobe Acrobat Adobe Reader
Definition Synopsis:
Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 Adobe Acrobat 10.x is installed AND Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 OR Check if the version of Adobe Acrobat is less than or equal to 9.4.0 Adobe Acrobat 9 Series is installed AND Check if the version of Adobe Acrobat is less than or equal to 9.4.0 OR Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 Adobe Acrobat 8 Series is installed AND Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 OR Determine if the version of Adobe Reader is less than or equal to 9.4.4 Adobe Reader 9 Series is installed AND Determine if the version of Adobe Reader is less than or equal to 9.4.4 OR Adobe Reader library is less than or equal to 8.2.3 Adobe Reader 8 Series is installed AND Adobe Reader library is less than or equal to 8.2.3 OR Determine if the version of Adobe Reader is less than or equal to 10.0 Adobe Reader 10.x is installed AND Determine if the version of Adobe Reader is less than or equal to 10.0

Definition Id: oval:org.mitre.oval:def:13960

Oval ID:	oval:org.mitre.oval:def:13960
Title:	Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted font data.
Description:	Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted font data.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-2105	Version:	13
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Adobe Acrobat Adobe Reader
Definition Synopsis:
Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 Adobe Acrobat 10.x is installed AND Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 OR Check if the version of Adobe Acrobat is less than or equal to 9.4.0 Adobe Acrobat 9 Series is installed AND Check if the version of Adobe Acrobat is less than or equal to 9.4.0 OR Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 Adobe Acrobat 8 Series is installed AND Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 OR Determine if the version of Adobe Reader is less than or equal to 9.4.4 Adobe Reader 9 Series is installed AND Determine if the version of Adobe Reader is less than or equal to 9.4.4 OR Adobe Reader library is less than or equal to 8.2.3 Adobe Reader 8 Series is installed AND Adobe Reader library is less than or equal to 8.2.3 OR Determine if the version of Adobe Reader is less than or equal to 10.0 Adobe Reader 10.x is installed AND Determine if the version of Adobe Reader is less than or equal to 10.0

Definition Id: oval:org.mitre.oval:def:13983

Oval ID:	oval:org.mitre.oval:def:13983
Title:	Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2094 and CVE-2011-2097.
Description:	Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2094 and CVE-2011-2097.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-2095	Version:	13
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Adobe Acrobat Adobe Reader
Definition Synopsis:
Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 Adobe Acrobat 10.x is installed AND Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 OR Check if the version of Adobe Acrobat is less than or equal to 9.4.0 Adobe Acrobat 9 Series is installed AND Check if the version of Adobe Acrobat is less than or equal to 9.4.0 OR Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 Adobe Acrobat 8 Series is installed AND Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 OR Determine if the version of Adobe Reader is less than or equal to 9.4.4 Adobe Reader 9 Series is installed AND Determine if the version of Adobe Reader is less than or equal to 9.4.4 OR Adobe Reader library is less than or equal to 8.2.3 Adobe Reader 8 Series is installed AND Adobe Reader library is less than or equal to 8.2.3 OR Determine if the version of Adobe Reader is less than or equal to 10.0 Adobe Reader 10.x is installed AND Determine if the version of Adobe Reader is less than or equal to 10.0

Definition Id: oval:org.mitre.oval:def:14004

Oval ID:	oval:org.mitre.oval:def:14004
Title:	Unspecified vulnerability in Adobe Reader and Acrobat before 10.1 on Windows and Mac OS X allows attackers to bypass intended access restrictions via unknown vectors.
Description:	Unspecified vulnerability in Adobe Reader and Acrobat before 10.1 on Windows and Mac OS X allows attackers to bypass intended access restrictions via unknown vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-2102	Version:	9
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Adobe Acrobat Adobe Reader
Definition Synopsis:
Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 Adobe Acrobat 10.x is installed AND Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 OR Determine if the version of Adobe Reader is less than or equal to 10.0 Adobe Reader 10.x is installed AND Determine if the version of Adobe Reader is less than or equal to 10.0

Definition Id: oval:org.mitre.oval:def:14057

Oval ID:	oval:org.mitre.oval:def:14057
Title:	Untrusted search path vulnerability in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Description:	Untrusted search path vulnerability in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-2100	Version:	13
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Adobe Acrobat Adobe Reader
Definition Synopsis:
Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 Adobe Acrobat 10.x is installed AND Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 OR Check if the version of Adobe Acrobat is less than or equal to 9.4.0 Adobe Acrobat 9 Series is installed AND Check if the version of Adobe Acrobat is less than or equal to 9.4.0 OR Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 Adobe Acrobat 8 Series is installed AND Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 OR Determine if the version of Adobe Reader is less than or equal to 9.4.4 Adobe Reader 9 Series is installed AND Determine if the version of Adobe Reader is less than or equal to 9.4.4 OR Adobe Reader library is less than or equal to 8.2.3 Adobe Reader 8 Series is installed AND Adobe Reader library is less than or equal to 8.2.3 OR Determine if the version of Adobe Reader is less than or equal to 10.0 Adobe Reader 10.x is installed AND Determine if the version of Adobe Reader is less than or equal to 10.0

Definition Id: oval:org.mitre.oval:def:14059

Oval ID:	oval:org.mitre.oval:def:14059
Title:	Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2094 and CVE-2011-2095.
Description:	Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2094 and CVE-2011-2095.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-2097	Version:	13
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Adobe Acrobat Adobe Reader
Definition Synopsis:
Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 Adobe Acrobat 10.x is installed AND Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 OR Check if the version of Adobe Acrobat is less than or equal to 9.4.0 Adobe Acrobat 9 Series is installed AND Check if the version of Adobe Acrobat is less than or equal to 9.4.0 OR Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 Adobe Acrobat 8 Series is installed AND Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 OR Determine if the version of Adobe Reader is less than or equal to 9.4.4 Adobe Reader 9 Series is installed AND Determine if the version of Adobe Reader is less than or equal to 9.4.4 OR Adobe Reader library is less than or equal to 8.2.3 Adobe Reader 8 Series is installed AND Adobe Reader library is less than or equal to 8.2.3 OR Determine if the version of Adobe Reader is less than or equal to 10.0 Adobe Reader 10.x is installed AND Determine if the version of Adobe Reader is less than or equal to 10.0

Definition Id: oval:org.mitre.oval:def:14091

Oval ID:	oval:org.mitre.oval:def:14091
Title:	Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011.
Description:	Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-2110	Version:	19
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2	Product(s):	Adobe Flash Player
Definition Synopsis:
Determine if the version of Adobe Flash Player on Windows is less than or equal 10.3.181.23 Adobe Flash Player 10 is installed AND Determine if the version of Adobe Flash Player on Windows is less than or equal 10.3.181.23 OR Determine if the version of Adobe Flash Player is less than or equal 9.125.0 Adobe Flash Player 9 is installed AND Determine if the version of Adobe Flash Player is less than or equal 9.125.0 OR Determine if the version of Adobe Flash Player is less than or equal 7.2 Adobe Flash Player is installed AND Determine if the version of Adobe Flash Player is less than or equal 7.2 OR Determine if the version of Adobe Flash Player is less than or equal 8.0.42.0 Adobe Flash Player is installed AND Determine if the version of Adobe Flash Player is less than or equal 8.0.42.0 OR Determine if the version of Adobe Flash Player is less than or equal 6.0.79 Adobe Flash Player is installed AND Determine if the version of Adobe Flash Player is less than or equal 6.0.79 OR Flash.ocx section ActiveX Control is installed AND Flash.ocx versions section Determine if the version of Flash.ocx is less than or equal 10.3.181.23 AND Determine if the version of Flash.ocx is less than or equal 9.125.0 AND Determine if the version of Flash.ocx is less than or equal 7.2 AND Determine if the version of Flash.ocx is less than or equal 8.0.42.0 AND Determine if the version of Flash.ocx is less than or equal 6.0.79

Definition Id: oval:org.mitre.oval:def:14158

Oval ID:	oval:org.mitre.oval:def:14158
Title:	DEPRECATED: Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Description:	Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-2106	Version:	10
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Adobe Acrobat Adobe Reader
Definition Synopsis:
Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 Adobe Acrobat 10.x is installed AND Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 OR Check if the version of Adobe Acrobat is less than or equal to 9.4.0 Adobe Acrobat 9 Series is installed AND Check if the version of Adobe Acrobat is less than or equal to 9.4.0 OR Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 Adobe Acrobat 8 Series is installed AND Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 OR Determine if the version of Adobe Reader is less than or equal to 9.4.4 Adobe Reader 9 Series is installed AND Determine if the version of Adobe Reader is less than or equal to 9.4.4 OR Adobe Reader library is less than or equal to 8.2.3 Adobe Reader 8 Series is installed AND Adobe Reader library is less than or equal to 8.2.3 OR Determine if the version of Adobe Reader is less than or equal to 10.0 Adobe Reader 10.x is installed AND Determine if the version of Adobe Reader is less than or equal to 10.0

Definition Id: oval:org.mitre.oval:def:14192

Oval ID:	oval:org.mitre.oval:def:14192
Title:	Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2099.
Description:	Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2099.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2011-2098	Version:	13
Platform(s):	Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000	Product(s):	Adobe Acrobat Adobe Reader
Definition Synopsis:
Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 Adobe Acrobat 10.x is installed AND Determine if the version of Adobe Acrobat is less than or equal to 10.0.3 OR Check if the version of Adobe Acrobat is less than or equal to 9.4.0 Adobe Acrobat 9 Series is installed AND Check if the version of Adobe Acrobat is less than or equal to 9.4.0 OR Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 Adobe Acrobat 8 Series is installed AND Determine if the version of Adobe Acrobat is less than or equal to 8.2.6 OR Determine if the version of Adobe Reader is less than or equal to 9.4.4 Adobe Reader 9 Series is installed AND Determine if the version of Adobe Reader is less than or equal to 9.4.4 OR Adobe Reader library is less than or equal to 8.2.3 Adobe Reader 8 Series is installed AND Adobe Reader library is less than or equal to 8.2.3 OR Determine if the version of Adobe Reader is less than or equal to 10.0 Adobe Reader 10.x is installed AND Determine if the version of Adobe Reader is less than or equal to 10.0

Definition Id: oval:org.mitre.oval:def:16252

Oval ID:	oval:org.mitre.oval:def:16252
Title:	Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011.
Description:	Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011.
Family:	macos	Class:	vulnerability
Reference(s):	CVE-2011-2110	Version:	3
Platform(s):	Apple Mac OS X	Product(s):	Adobe Flash Player
Definition Synopsis:
Adobe Flash Player is Installed AND Version of Adobe Flash Player is less than 10.3.181.26

Definition Id: oval:org.mitre.oval:def:21311

Oval ID:	oval:org.mitre.oval:def:21311
Title:	RHSA-2011:0869: flash-plugin security update (Critical)
Description:	Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011.
Family:	unix	Class:	patch
Reference(s):	RHSA-2011:0869-01 CVE-2011-2110	Version:	4
Platform(s):	Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6	Product(s):	flash-plugin
Definition Synopsis:
Operation system section The operating system installed on the system is Red Hat Enterprise Linux 5 AND flash-plugin is earlier than 0:10.3.181.26-1.el5 AND Operation system section flash-plugin is earlier than 0:10.3.181.26-1.el6 AND The operating system installed on the system is Red Hat Enterprise Linux 6

Definition Id: oval:org.mitre.oval:def:22830

Oval ID:	oval:org.mitre.oval:def:22830
Title:	DEPRECATED: ELSA-2011:0869: flash-plugin security update (Critical)
Description:	Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011.
Family:	unix	Class:	patch
Reference(s):	ELSA-2011:0869-01 CVE-2011-2110	Version:	7
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	flash-plugin
Definition Synopsis:
rpm test Oracle Linux 5.x AND flash-plugin is earlier than 0:10.3.181.26-1.el5 OR rpm test flash-plugin is earlier than 0:10.3.181.26-1.el6 AND Oracle Linux 6.x

Definition Id: oval:org.mitre.oval:def:23731

Oval ID:	oval:org.mitre.oval:def:23731
Title:	ELSA-2011:0869: flash-plugin security update (Critical)
Description:	Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011.
Family:	unix	Class:	patch
Reference(s):	ELSA-2011:0869-01 CVE-2011-2110	Version:	6
Platform(s):	Oracle Linux 5 Oracle Linux 6	Product(s):	flash-plugin
Definition Synopsis:
rpm test Oracle Linux 5.x AND flash-plugin is earlier than 0:10.3.181.26-1.el5 OR rpm test flash-plugin is earlier than 0:10.3.181.26-1.el6 AND Oracle Linux 6.x

CPE : Common Platform Enumeration

Type	Description	Count
Application	Adobe Acrobat cpe:2.3:a:adobe:acrobat:10.0.3:::::::* cpe:2.3:a:adobe:acrobat:10.0.2:::::::* cpe:2.3:a:adobe:acrobat:10.0.1:::::::* cpe:2.3:a:adobe:acrobat:10.0:::::::* cpe:2.3:a:adobe:acrobat:9.4.4:::::::* cpe:2.3:a:adobe:acrobat:9.4.3:::::::* cpe:2.3:a:adobe:acrobat:9.4.2:::::::* cpe:2.3:a:adobe:acrobat:9.4.1:::::::* cpe:2.3:a:adobe:acrobat:9.4:::::::* cpe:2.3:a:adobe:acrobat:9.3.4:::::::* cpe:2.3:a:adobe:acrobat:9.3.3:::::::* cpe:2.3:a:adobe:acrobat:9.3.2:::::::* cpe:2.3:a:adobe:acrobat:9.3.1:::::::* cpe:2.3:a:adobe:acrobat:9.3:::::::* cpe:2.3:a:adobe:acrobat:9.2:::::::* cpe:2.3:a:adobe:acrobat:9.1.3:::::::* cpe:2.3:a:adobe:acrobat:9.1.2:::::::* cpe:2.3:a:adobe:acrobat:9.1.1:::::::* cpe:2.3:a:adobe:acrobat:9.1:::::::* cpe:2.3:a:adobe:acrobat:9.0:::::::* cpe:2.3:a:adobe:acrobat:8.2.6:::::::* cpe:2.3:a:adobe:acrobat:8.2.5:::::::* cpe:2.3:a:adobe:acrobat:8.2.4:::::::* cpe:2.3:a:adobe:acrobat:8.2.3:::::::* cpe:2.3:a:adobe:acrobat:8.2.2:::::::* cpe:2.3:a:adobe:acrobat:8.2.1:::::::* cpe:2.3:a:adobe:acrobat:8.2:::::::* cpe:2.3:a:adobe:acrobat:8.1.7:::::::* cpe:2.3:a:adobe:acrobat:8.1.6:::::::* cpe:2.3:a:adobe:acrobat:8.1.5:::::::* cpe:2.3:a:adobe:acrobat:8.1.4:::::::* cpe:2.3:a:adobe:acrobat:8.1.3:::::::* cpe:2.3:a:adobe:acrobat:8.1.2:::::::* cpe:2.3:a:adobe:acrobat:8.1.1:::::::* cpe:2.3:a:adobe:acrobat:8.1:::::::* cpe:2.3:a:adobe:acrobat:8.0:::::::*	36
Application	Adobe Acrobat Reader cpe:2.3:a:adobe:acrobat_reader:10.0.3:::::::* cpe:2.3:a:adobe:acrobat_reader:10.0.2:::::::* cpe:2.3:a:adobe:acrobat_reader:10.0.1:::::::* cpe:2.3:a:adobe:acrobat_reader:10.0:::::::* cpe:2.3:a:adobe:acrobat_reader:9.4.4:::::::* cpe:2.3:a:adobe:acrobat_reader:9.4.3:::::::* cpe:2.3:a:adobe:acrobat_reader:9.4.2:::::::* cpe:2.3:a:adobe:acrobat_reader:9.4.1:::::::* cpe:2.3:a:adobe:acrobat_reader:9.4:::::::* cpe:2.3:a:adobe:acrobat_reader:9.3.4:::::::* cpe:2.3:a:adobe:acrobat_reader:9.3.3:::::::* cpe:2.3:a:adobe:acrobat_reader:9.3.2:::::::* cpe:2.3:a:adobe:acrobat_reader:9.3.1:::::::* cpe:2.3:a:adobe:acrobat_reader:9.3:::::::* cpe:2.3:a:adobe:acrobat_reader:9.2:::::::* cpe:2.3:a:adobe:acrobat_reader:9.1.3:::::::* cpe:2.3:a:adobe:acrobat_reader:9.1.2:::::::* cpe:2.3:a:adobe:acrobat_reader:9.1.1:::::::* cpe:2.3:a:adobe:acrobat_reader:9.1:::::::* cpe:2.3:a:adobe:acrobat_reader:9.0:::::::* cpe:2.3:a:adobe:acrobat_reader:8.2.6:::::::* cpe:2.3:a:adobe:acrobat_reader:8.2.4:::::::* cpe:2.3:a:adobe:acrobat_reader:8.2.3:::::::* cpe:2.3:a:adobe:acrobat_reader:8.2.2:::::::* cpe:2.3:a:adobe:acrobat_reader:8.2.1:::::::* cpe:2.3:a:adobe:acrobat_reader:8.2:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1.7:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1.6:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1.5:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1.4:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1.3:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1.2:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1.1:::::::* cpe:2.3:a:adobe:acrobat_reader:8.1:::::::* cpe:2.3:a:adobe:acrobat_reader:8.0:::::::*	35
Application	Adobe Flash Player cpe:2.3:a:adobe:flash_player:10.3.185.23:::::::* cpe:2.3:a:adobe:flash_player:10.3.185.22:::::::* cpe:2.3:a:adobe:flash_player:10.3.185.21:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.86:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.75:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.7:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.68:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.67:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.63:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.61:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.51:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.50:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.5:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.48:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.43:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.29:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.25:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.23:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.20:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.19:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.18:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.16:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.15:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.11:::::::* cpe:2.3:a:adobe:flash_player:10.3.183.10:::::::* cpe:2.3:a:adobe:flash_player:10.3.181.36:::::::* cpe:2.3:a:adobe:flash_player:10.3.181.34:::::::* cpe:2.3:a:adobe:flash_player:10.3.181.26:::::::* cpe:2.3:a:adobe:flash_player:10.3.181.23:::::::* cpe:2.3:a:adobe:flash_player:10.3.181.22:::::::* cpe:2.3:a:adobe:flash_player:10.3.181.16:::::::* cpe:2.3:a:adobe:flash_player:10.3.181.14:::::::* cpe:2.3:a:adobe:flash_player:10.3.:::::::* cpe:2.3:a:adobe:flash_player:10.3:::::::* cpe:2.3:a:adobe:flash_player:10.2.159.1:::::::* cpe:2.3:a:adobe:flash_player:10.2.157.51:::::::* cpe:2.3:a:adobe:flash_player:10.2.156.12:::::::* cpe:2.3:a:adobe:flash_player:10.2.154.25:::::::* cpe:2.3:a:adobe:flash_player:10.2.154.13:::::::* cpe:2.3:a:adobe:flash_player:10.2.153.1:::::::* cpe:2.3:a:adobe:flash_player:10.2.152.33:::::::* cpe:2.3:a:adobe:flash_player:10.2.152.32:::::::* cpe:2.3:a:adobe:flash_player:10.2.152.26:::::::* cpe:2.3:a:adobe:flash_player:10.2.152:::::::* cpe:2.3:a:adobe:flash_player:10.1.95.2:::::::* cpe:2.3:a:adobe:flash_player:10.1.95.1:::::::* cpe:2.3:a:adobe:flash_player:10.1.92.8:::::::* cpe:2.3:a:adobe:flash_player:10.1.92.10:::::::* cpe:2.3:a:adobe:flash_player:10.1.85.3:::::::* cpe:2.3:a:adobe:flash_player:10.1.82.76:::::::* cpe:2.3:a:adobe:flash_player:10.1.53.64:::::::* cpe:2.3:a:adobe:flash_player:10.1.52.15:::::::* cpe:2.3:a:adobe:flash_player:10.1.52.14.1:::::::* cpe:2.3:a:adobe:flash_player:10.1.52.14:::::::* cpe:2.3:a:adobe:flash_player:10.1.106.17:::::::* cpe:2.3:a:adobe:flash_player:10.1.106.16:::::::* cpe:2.3:a:adobe:flash_player:10.1.105.6:::::::* cpe:2.3:a:adobe:flash_player:10.1.102.64:::::::* cpe:2.3:a:adobe:flash_player:10.1:::::::* cpe:2.3:a:adobe:flash_player:10.0.45.2:::::::* cpe:2.3:a:adobe:flash_player:10.0.42.34:::::::* cpe:2.3:a:adobe:flash_player:10.0.32.18:::::::* cpe:2.3:a:adobe:flash_player:10.0.22.87:::::::* cpe:2.3:a:adobe:flash_player:10.0.2.54:::::::* cpe:2.3:a:adobe:flash_player:10.0.15.3:::::::* cpe:2.3:a:adobe:flash_player:10.0.12.36:::::::* cpe:2.3:a:adobe:flash_player:10.0.12.10:::::::* cpe:2.3:a:adobe:flash_player:10.0.0.584:::::::* cpe:2.3:a:adobe:flash_player:10:::::::* cpe:2.3:a:adobe:flash_player:9.125.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.9.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.8.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.48.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.47.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.45.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.31.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.31:::::::* cpe:2.3:a:adobe:flash_player:9.0.283.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.280:::::::* cpe:2.3:a:adobe:flash_player:9.0.28.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.28.0::mac_os_x::::: cpe:2.3:a:adobe:flash_player:9.0.28:::::::* cpe:2.3:a:adobe:flash_player:9.0.277.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.262.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.260.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.246.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.20.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.20:::::::* cpe:2.3:a:adobe:flash_player:9.0.18d60:::::::* cpe:2.3:a:adobe:flash_player:9.0.16.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.16:::::::* cpe:2.3:a:adobe:flash_player:9.0.16::windows::::: cpe:2.3:a:adobe:flash_player:9.0.159.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.155.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.152.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.151.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.125.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.124.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.115.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.114.0:::::::* cpe:2.3:a:adobe:flash_player:9.0.112.0:::::::* cpe:2.3:a:adobe:flash_player:9.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.42.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.39.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.35.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.34.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.33.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.24.0:::::::* cpe:2.3:a:adobe:flash_player:8.0.22.0:::::::* cpe:2.3:a:adobe:flash_player:8.0:::::::* cpe:2.3:a:adobe:flash_player:8.0::pro::::: cpe:2.3:a:adobe:flash_player:8.0::basic::::: cpe:2.3:a:adobe:flash_player:8::professional::::: cpe:2.3:a:adobe:flash_player:8::pro::::: cpe:2.3:a:adobe:flash_player:7.2:::::::* cpe:2.3:a:adobe:flash_player:7.1.1:::::::* cpe:2.3:a:adobe:flash_player:7.1:::::::* cpe:2.3:a:adobe:flash_player:7.0.73.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.70.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.69.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.68.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.67.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.66.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.63:::::::* cpe:2.3:a:adobe:flash_player:7.0.63::linux::::: cpe:2.3:a:adobe:flash_player:7.0.61.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.60.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.53.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.25:::::::* cpe:2.3:a:adobe:flash_player:7.0.24.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.19.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.14.0:::::::* cpe:2.3:a:adobe:flash_player:7.0.1:::::::* cpe:2.3:a:adobe:flash_player:7.0_r67::solaris::::: cpe:2.3:a:adobe:flash_player:7.0_r67:::::::* cpe:2.3:a:adobe:flash_player:7.0:::::::* cpe:2.3:a:adobe:flash_player:6.0.79:::::::* cpe:2.3:a:adobe:flash_player:6.0.21.0:::::::* cpe:2.3:a:adobe:flash_player:6:::::::* cpe:2.3:a:adobe:flash_player:5:::::::* cpe:2.3:a:adobe:flash_player:4:::::::* cpe:2.3:a:adobe:flash_player:3:::::::* cpe:2.3:a:adobe:flash_player:2:::::::* cpe:2.3:a:adobe:flash_player:mx_2004:::::::* cpe:2.3:a:adobe:flash_player:cs4::pro::::: cpe:2.3:a:adobe:flash_player:cs3::pro::::: cpe:2.3:a:adobe:flash_player:cs3::professional::::: cpe:2.3:a:adobe:flash_player:::::::: cpe:2.3:a:adobe:flash_player:::basic:::::* cpe:2.3:a:adobe:flash_player:::pro:::::* cpe:2.3:a:adobe:flash_player::::::edge::* cpe:2.3:a:adobe:flash_player::::::internet_explorer_11::* cpe:2.3:a:adobe:flash_player::::::chrome::* cpe:2.3:a:adobe:flash_player:-:::::::*	154
Application	Adobe Shockwave Player cpe:2.3:a:adobe:shockwave_player:11.5.9.620:::::::* cpe:2.3:a:adobe:shockwave_player:11.5.9.615:::::::* cpe:2.3:a:adobe:shockwave_player:11.5.8.612:::::::* cpe:2.3:a:adobe:shockwave_player:11.5.7.609:::::::* cpe:2.3:a:adobe:shockwave_player:11.5.6.606:::::::* cpe:2.3:a:adobe:shockwave_player:11.5.2.602:::::::* cpe:2.3:a:adobe:shockwave_player:11.5.1.601:::::::* cpe:2.3:a:adobe:shockwave_player:11.5.0.596:::::::* cpe:2.3:a:adobe:shockwave_player:11.5.0.595:::::::* cpe:2.3:a:adobe:shockwave_player:11.0.3.471:::::::* cpe:2.3:a:adobe:shockwave_player:11.0.0.456:::::::* cpe:2.3:a:adobe:shockwave_player:11:::::::* cpe:2.3:a:adobe:shockwave_player:10.2.0.023:::::::* cpe:2.3:a:adobe:shockwave_player:10.2.0.022:::::::* cpe:2.3:a:adobe:shockwave_player:10.2.0.021:::::::* cpe:2.3:a:adobe:shockwave_player:10.1.4.020:::::::* cpe:2.3:a:adobe:shockwave_player:10.1.1.016:::::::* cpe:2.3:a:adobe:shockwave_player:10.1.0.11:::::::* cpe:2.3:a:adobe:shockwave_player:10.1.0.011:::::::* cpe:2.3:a:adobe:shockwave_player:10.0.1.004:::::::* cpe:2.3:a:adobe:shockwave_player:10.0.0.210:::::::* cpe:2.3:a:adobe:shockwave_player:9.0.432:::::::* cpe:2.3:a:adobe:shockwave_player:9.0.383:::::::* cpe:2.3:a:adobe:shockwave_player:9:::::::* cpe:2.3:a:adobe:shockwave_player:8.5.325:::::::* cpe:2.3:a:adobe:shockwave_player:8.5.324:::::::* cpe:2.3:a:adobe:shockwave_player:8.5.323:::::::* cpe:2.3:a:adobe:shockwave_player:8.5.321:::::::* cpe:2.3:a:adobe:shockwave_player:8.5.1.106:::::::* cpe:2.3:a:adobe:shockwave_player:8.5.1.105:::::::* cpe:2.3:a:adobe:shockwave_player:8.5.1.103:::::::* cpe:2.3:a:adobe:shockwave_player:8.5.1.100:::::::* cpe:2.3:a:adobe:shockwave_player:8.5.1:::::::* cpe:2.3:a:adobe:shockwave_player:8.0.205:::::::* cpe:2.3:a:adobe:shockwave_player:8.0.204:::::::* cpe:2.3:a:adobe:shockwave_player:8.0.196a:::::::* cpe:2.3:a:adobe:shockwave_player:8.0.196:::::::* cpe:2.3:a:adobe:shockwave_player:8.0:::::::* cpe:2.3:a:adobe:shockwave_player:6.0:::::::* cpe:2.3:a:adobe:shockwave_player:5.0:::::::* cpe:2.3:a:adobe:shockwave_player:4.0:::::::* cpe:2.3:a:adobe:shockwave_player:3.0:::::::* cpe:2.3:a:adobe:shockwave_player:2.0:::::::* cpe:2.3:a:adobe:shockwave_player:1.0:::::::* cpe:2.3:a:adobe:shockwave_player:::::::: cpe:2.3:a:adobe:shockwave_player:-:::::::*	46

SAINT Exploits

Description	Link
Adobe Flash Player ActionScript Function Arguments Code Execution	More info here

ExploitDB Exploits

id	Description
2012-06-20	Adobe Flash Player AVM Verification Logic Array Indexing Code Execution

OpenVAS Exploits

Date	Description
2012-02-12	Name : Gentoo Security Advisory GLSA 201110-11 (Adobe Flash Player) File : nvt/glsa_201110_11.nasl
2011-08-03	Name : FreeBSD Ports: linux-flashplugin File : nvt/freebsd_linux-flashplugin15.nasl
2011-07-05	Name : Adobe Reader/Acrobat Memory Corruption Vulnerability (Windows) File : nvt/secpod_adobe_prdts_mem_crptn_vuln_win_jun11.nasl
2011-07-01	Name : Adobe Reader and Acrobat Multiple BOF Vulnerabilities June-2011 (Windows) File : nvt/gb_adobe_prdts_mult_bof_vuln_jun11_win.nasl
2011-07-01	Name : Adobe Reader/Acrobat Security Bypass Vulnerability (Windows) File : nvt/secpod_adobe_prdts_sec_bypass_vuln_win.nasl
2011-06-21	Name : Adobe Shockwave Player Multiple Unspecified Vulnerabilities File : nvt/gb_adobe_shockwave_player_mult_unspecified_vuln.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
73068	Adobe Reader / Acrobat Unspecified Memory Corruption (2011-2106) A memory corruption flaw exists in Adobe Reader and Acrobat. The programs fail to sanitize unspecified user-supplied input resulting in memory corruption. With a specially crafted file, a context-dependent attacker can execute arbitrary code.
73067	Adobe Reader / Acrobat Font Handling Memory Corruption A memory corruption flaw exists in Adobe Reader and Acrobat. The programs fail to sanitize user-supplied input resulting in memory corruption. With a specially crafted font, a context-dependent attacker can execute arbitrary code.
73066	Adobe Reader / Acrobat Unspecified Memory Corruption DoS A memory corruption flaw exists in Adobe Reader and Acrobat. The programs fail to sanitize unspecified user-supplied input resulting in memory corruption. With a specially crafted file, a context-dependent attacker can cause a denial of service.
73065	Adobe Reader / Acrobat Unspecified Memory Corruption (2011-2103) A memory corruption flaw exists in Adobe Reader and Acrobat. The programs fail to sanitize unspecified user-supplied input resulting in memory corruption. With a specially crafted file, a context-dependent attacker can execute arbitrary code.
73064	Adobe Reader / Acrobat Unspecified Security Bypass Adobe Reader and Acrobat contain an unspecified flaw related to the that may allow an attacker to bypass certain security policies. No further details have been provided.
73063	Adobe Reader / Acrobat Unspecified XSS Adobe Reader and Acrobat contain a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain unspecified input before returning it to the user. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
73062	Adobe Reader / Acrobat Unspecified Path Subversion Arbitrary DLL Injection Co...
73061	Adobe Reader / Acrobat Unspecified Memory Corruption (2011-2099)
73059	Adobe Reader / Acrobat Unspecified Memory Corruption (2011-2098)
73058	Adobe Reader / Acrobat ACE.dll ICC Chunk Handling Overflow
73057	Adobe Reader / Acrobat Unspecified Overflow (2011-2096)
73056	Adobe Reader / Acrobat tesselate.x3d Multimedia Handling Remote Code Execution
73055	Adobe Reader / Acrobat 3difr.x3d Multimedia Handling Remote Code Execution
73034	Adobe Shockwave Player Unspecified Integer Overflow
73033	Adobe Shockwave Player Dirapi.dll Component Multiple Unspecified Integer Over...
73032	Adobe Shockwave Player NPAPI Plugin ole32 Library Drag and Drop Tab Destructi...
73031	Adobe Shockwave Player IML32.dll Component Unspecified Memory Corruption (201...
73030	Adobe Shockwave Player Dirapi.dll Component Unspecified Memory Corruption (20...
73029	Adobe Shockwave Player Dirapi.dll Component Unspecified Memory Corruption (20...
73028	Adobe Shockwave Player IML32.dll Component Unspecified Memory Corruption
73027	Adobe Shockwave Player Unspecified Memory Corruption (2011-2128)
73026	Adobe Shockwave Player Unspecified Memory Corruption (2011-2117)
73025	Adobe Shockwave Player Dirapi.dll Component Unspecified Memory Corruption (20...
73024	Adobe Shockwave Player Shockwave 3D Asset x32 Component Integer Overflow (201...
73023	Adobe Shockwave Player IML32.dll Component Multiple Buffer Overflows
73022	Adobe Shockwave Player Dirapi.dll Component Unspecified Memory Corruption (20...
73021	Adobe Shockwave Player FLV ASSET Xtra Component Unspecified Remote Code Execu...
73020	Adobe Shockwave Player Dirapi.dll Component Unspecified Memory Corruption (20...
73019	Adobe Shockwave Player Unspecified Memory Corruption (2011-2124)
73018	Adobe Shockwave Player Shockwave3DAsset Component Multiple Buffer Overflows
73017	Adobe Shockwave Player Dirapi.dll Component Unspecified Memory Corruption (20...
73016	Adobe Shockwave Player Dirapi.dll Component Multiple Unspecified Memory Corru...
73015	Adobe Shockwave Player Dirapix.dll Component Buffer Overflow
73014	Adobe Shockwave Player Multiple Unspecified Memory Corruptions
73013	Adobe Shockwave Player CursorAsset x32 Component Integer Overflow (2011-2120)
73012	Adobe Shockwave Player Design Flaw Unspecified Remote Code Execution
73011	Adobe Shockwave Player Unspecified Buffer Overflow
73010	Adobe Shockwave Player IML32.dll Component Multiple Unspecified Memory Corrup...
73007	Adobe Flash Player Unspecified Memory Corruption

Snort® IPS/IDS

Date	Description
2014-01-10	Adobe Flash Player ActionScript float index array memory corruption attempt RuleID : 28704 - Revision : 7 - Type : FILE-FLASH
2014-01-10	Adobe Flash Player ActionScript float index array memory corruption attempt RuleID : 28703 - Revision : 7 - Type : FILE-FLASH
2014-01-10	Multiple exploit kit Payload detection - readme.dll RuleID : 27898 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - calc.dll RuleID : 27897 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - contacts.dll RuleID : 27896 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - info.dll RuleID : 27895 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - about.dll RuleID : 27894 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	iFramer toolkit injected iframe detected - specific structure RuleID : 27271 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page retrieval RuleID : 27072 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page retrieval RuleID : 27071 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - info.dll RuleID : 26508 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit jar file downloaded RuleID : 26434 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Nuclear exploit kit landing page RuleID : 26343 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Nuclear exploit kit landing page - specific structure RuleID : 26342 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Nuclear exploit kit landing page RuleID : 26341 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page retrieval - ff.php RuleID : 26339 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	IFRAMEr injection detection - leads to exploit kit RuleID : 26338 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page - specific structure RuleID : 26337 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page retrieval RuleID : 26227 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit 32-alpha jar request RuleID : 25798 - Revision : 10 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit redirection successful RuleID : 25611 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page RuleID : 25569 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page retrieval RuleID : 25568 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Multiple Exploit Kit Payload detection - setup.exe RuleID : 25526 - Revision : 2 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit redirection successful RuleID : 25388 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - readme.exe RuleID : 25387 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - about.exe RuleID : 25386 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - calc.exe RuleID : 25385 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - contacts.exe RuleID : 25384 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit Payload detection - info.exe RuleID : 25383 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Multiple exploit kit malicious jar file dropped RuleID : 25382 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit url structure detected RuleID : 25043 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit redirection successful RuleID : 24638 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit redirection page - specific structure RuleID : 24637 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit redirection page - specific structure RuleID : 24636 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page download attempt RuleID : 24608 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page received - specific structure RuleID : 24593 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page download attempt RuleID : 24548 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page download attempt RuleID : 24547 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page download attempt RuleID : 24546 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackhole admin page outbound access attempt RuleID : 24544 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Blackhole admin page inbound access attempt RuleID : 24543 - Revision : 4 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit fallback executable download RuleID : 24501 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackhole - Cookie Set RuleID : 24475 - Revision : 3 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page Received RuleID : 24228 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 - URI Structure RuleID : 24227 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Blackholev2 exploit kit landing page received RuleID : 24226 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackhole possible email Landing to 8 chr folder RuleID : 24171 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure RuleID : 24054 - Revision : 10 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure RuleID : 24053 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Adobe Flash Player ActionScript float index array memory corruption attempt RuleID : 23997 - Revision : 12 - Type : FILE-FLASH
2014-01-10	Adobe Flash Player ActionScript float index array memory corruption attempt RuleID : 23996 - Revision : 10 - Type : FILE-FLASH
2014-01-10	Blackhole exploit kit landing page with specific structure - fewbgazr catch RuleID : 23962 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - hwehes RuleID : 23850 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole redirection attempt RuleID : 23849 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Blackhole redirection attempt RuleID : 23848 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackhole redirection page RuleID : 23797 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - Math.round catch RuleID : 23786 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - Math.floor catch RuleID : 23785 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page RuleID : 23781 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page request - tkr RuleID : 23622 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - prototype catch ... RuleID : 23619 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page download attempt RuleID : 23159 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - prototype catch RuleID : 23158 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Nuclear Pack exploit kit binary download RuleID : 23157 - Revision : 10 - Type : EXPLOIT-KIT
2014-01-10	Nuclear Pack exploit kit landing page RuleID : 23156 - Revision : 11 - Type : EXPLOIT-KIT
2014-01-10	Blackhole redirection attempt RuleID : 22949 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackhole Exploit Kit javascript service method RuleID : 22088 - Revision : 12 - Type : EXPLOIT-KIT
2014-01-10	Blackhole landing redirection page RuleID : 22041 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackhole suspected landing page RuleID : 22040 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackhole suspected landing page RuleID : 22039 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit landing page with specific structure - Loading RuleID : 21876 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Possible exploit kit post compromise activity - taskkill RuleID : 21875 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Possible exploit kit post compromise activity - StrReverse RuleID : 21874 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Phoenix exploit kit post-compromise behavior RuleID : 21860 - Revision : 5 - Type : MALWARE-CNC
2014-01-10	Blackhole exploit kit landing page with specific structure - catch RuleID : 21661 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page Requested - /Index/index.php RuleID : 21660 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page Requested - /Home/index.php RuleID : 21659 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page RuleID : 21658 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page - specific structure RuleID : 21657 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - prototype catch RuleID : 21646-community - Revision : 16 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - prototype catch RuleID : 21646 - Revision : 16 - Type : EXPLOIT-KIT
2014-01-10	Phoenix exploit kit landing page RuleID : 21640 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - BBB RuleID : 21581 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific header RuleID : 21549 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific header RuleID : 21539 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - prototype catch RuleID : 21492-community - Revision : 22 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page with specific structure - prototype catch RuleID : 21492 - Revision : 22 - Type : EXPLOIT-KIT
2014-01-10	Adobe Flash Player ActionScript float index array memory corruption RuleID : 21458 - Revision : 13 - Type : FILE-FLASH
2014-01-10	Adobe Flash Player ActionScript float index array memory corruption RuleID : 21457 - Revision : 13 - Type : FILE-FLASH
2014-01-10	Blackhole exploit kit JavaScript carat string splitting with hostile applet RuleID : 21438-community - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit JavaScript carat string splitting with hostile applet RuleID : 21438 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Adobe Shockwave Director KEY chunk buffer overflow attempt RuleID : 21371 - Revision : 10 - Type : FILE-OTHER
2014-01-10	Blackhole exploit kit URL - search.php?page= RuleID : 21348 - Revision : 8 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit URL - .php?page= RuleID : 21347 - Revision : 12 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit malicious jar download RuleID : 21346 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit malicious jar request RuleID : 21345 - Revision : 9 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit pdf download RuleID : 21344 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit pdf request RuleID : 21343 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Adobe shockwave director tSAC string termination memory corruption attempt RuleID : 21316 - Revision : 10 - Type : FILE-OTHER
2014-01-10	Blackhole exploit kit response RuleID : 21259 - Revision : 5 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit control panel access RuleID : 21141 - Revision : 7 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page RuleID : 21045 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit landing page RuleID : 21044 - Revision : 6 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit post-compromise download attempt - .php?e= RuleID : 21043 - Revision : 10 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit post-compromise download attempt - .php?f= RuleID : 21042 - Revision : 11 - Type : EXPLOIT-KIT
2014-01-10	Blackhole exploit kit URL - main.php?page= RuleID : 21041 - Revision : 12 - Type : EXPLOIT-KIT
2014-01-10	Yang Pack yg.htm landing page RuleID : 21006 - Revision : 5 - Type : MALWARE-CNC
2014-01-10	Adobe Flash Player ActionScript float index array memory corruption attempt RuleID : 20777 - Revision : 14 - Type : FILE-FLASH
2014-01-10	Adobe Flash Player ActionScript float index array memory corruption RuleID : 20767 - Revision : 13 - Type : FILE-FLASH
2014-01-10	Adobe Flash Player ActionScript float index array memory corruption RuleID : 20031 - Revision : 15 - Type : FILE-FLASH
2014-01-10	Adobe Flash Player ActionScript float index array memory corruption RuleID : 19264 - Revision : 18 - Type : FILE-FLASH
2014-01-10	Adobe Flash Player ActionScript float index array memory corruption RuleID : 19263 - Revision : 18 - Type : FILE-FLASH
2014-01-10	Adobe Flash Player ActionScript float index array memory corruption RuleID : 19262 - Revision : 18 - Type : FILE-FLASH
2014-01-10	Adobe ActionScript float index memory corruption attempt RuleID : 19257 - Revision : 13 - Type : FILE-FLASH
2014-01-10	Adobe Acrobat Reader ICC ProfileDescriptionTag overflow attempt RuleID : 19255 - Revision : 10 - Type : FILE-PDF
2014-01-10	Adobe Acrobat Reader javascript in PDF go-to actions exploit attempt RuleID : 19254 - Revision : 11 - Type : FILE-PDF
2014-01-10	Adobe Acrobat Reader malicious language.engtesselate.ln file download attempt RuleID : 19253 - Revision : 12 - Type : FILE-PDF
2014-01-10	Adobe Acrobat Reader CIDFont dictionary glyph width corruption attempt RuleID : 19251 - Revision : 12 - Type : FILE-PDF
2014-01-10	Adobe Acrobat and Adobe Acrobat Reader U3D file include overflow attempt RuleID : 19250 - Revision : 8 - Type : FILE-PDF
2014-01-10	Adobe Universal3D meshes.removeItem exploit attempt RuleID : 19249 - Revision : 9 - Type : FILE-FLASH
2014-01-10	Adobe Acrobat Reader malformed U3D texture continuation integer overflow attempt RuleID : 19248 - Revision : 10 - Type : FILE-PDF
2014-01-10	Adobe jpeg 2000 image exploit attempt RuleID : 19247 - Revision : 9 - Type : FILE-IMAGE

Nessus® Vulnerability Scanner

Date	Description
2014-12-22	Name : The remote Mac OS X host contains a web browser plugin that is affected by mu... File : macosx_shockwave_player_apsb11-17.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_3_flash-player-110614.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_4_flash-player-110614.nasl - Type : ACT_GATHER_INFO
2011-12-13	Name : The remote SuSE 10 host is missing a security-related patch. File : suse_flash-player-7571.nasl - Type : ACT_GATHER_INFO
2011-11-09	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1434.nasl - Type : ACT_GATHER_INFO
2011-10-14	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201110-11.nasl - Type : ACT_GATHER_INFO
2011-06-24	Name : The version of Adobe Reader on the remote Mac OS X host is affected by multip... File : macosx_adobe_reader_apsb11-16.nasl - Type : ACT_GATHER_INFO
2011-06-16	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_55a528e8978711e0b24a001b2134ef46.nasl - Type : ACT_GATHER_INFO
2011-06-16	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2011-0869.nasl - Type : ACT_GATHER_INFO
2011-06-16	Name : The remote SuSE 11 host is missing a security update. File : suse_11_flash-player-110615.nasl - Type : ACT_GATHER_INFO
2011-06-15	Name : The version of Adobe Acrobat on the remote Windows host is affected by multip... File : adobe_acrobat_apsb11-16.nasl - Type : ACT_GATHER_INFO
2011-06-15	Name : The version of Adobe Reader on the remote Windows host is affected by multipl... File : adobe_reader_apsb11-16.nasl - Type : ACT_GATHER_INFO
2011-06-15	Name : A browser plugin is affected by a memory corruption vulnerability. File : flash_player_apsb11-18.nasl - Type : ACT_GATHER_INFO
2011-06-15	Name : The remote Mac OS X host has a browser plugin that is affected by a remote me... File : macosx_flash_player_10_3_181_26.nasl - Type : ACT_GATHER_INFO
2011-06-15	Name : The remote Windows host contains a web browser plugin that is affected by mul... File : shockwave_player_apsb11-17.nasl - Type : ACT_GATHER_INFO

Global Informations

Type	Count
CWE ID(s)	36
Oval ID(s)	18
CPE ID(s)	271
Saint Exploit(s)	1
osvdb(s)	39
ExploitDB Exploit(s)	1
Openvas Exploit(s)	6
Snort® Rule(s)	123
Nessus® Exploit(s)	15

	Related
10	CVE-2011-2110
9.3	CVE-2011-2128
9.3	CVE-2011-2127
9.3	CVE-2011-2126
9.3	CVE-2011-2125
9.3	CVE-2011-2124
9.3	CVE-2011-2123
9.3	CVE-2011-2122
9.3	CVE-2011-2121
9.3	CVE-2011-2120
9.3	CVE-2011-2119
9.3	CVE-2011-2118
9.3	CVE-2011-2117
9.3	CVE-2011-2116
9.3	CVE-2011-2115
9.3	CVE-2011-2114
9.3	CVE-2011-2113
9.3	CVE-2011-2112
9.3	CVE-2011-2111
9.3	CVE-2011-2109
9.3	CVE-2011-2108
9.3	CVE-2011-2106
9.3	CVE-2011-2105
9.3	CVE-2011-2103
9.3	CVE-2011-2102
9.3	CVE-2011-2101
9.3	CVE-2011-2099
9.3	CVE-2011-2098
9.3	CVE-2011-2097
9.3	CVE-2011-2096
9.3	CVE-2011-2095
9.3	CVE-2011-2094
9.3	CVE-2011-0335
9.3	CVE-2011-0320
9.3	CVE-2011-0319
9.3	CVE-2011-0318
9.3	CVE-2011-0317
6.9	CVE-2011-2100
4.3	CVE-2011-2104
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 39 more Alert(s)