VDB
GSD-2011-2139
GSD-2011-2139
PUBLISHED
Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
Exploit Intelligence
- Python 3 implementation of an existing CVE-2011-3556 proof of concept (PoC). (github-poc)
- edmondscommerce/CVE-2011-2461_Magento_Patch (github-poc)
- Patched version of the uploader.swf and uploaderSingle.swf to fix CVE-2011-2461 (github-poc)
- ParrotNG is a tool capable of identifying Adobe Flex applications (SWF) vulnerable to CVE-2011-2461 (github-poc)
- http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html (github-poc)
- A TLS server using a vendored fork of the Go TLS stack that has renegotation indication extension forcibly disabled. (github-poc)
- http://www.adobe.com/support/security/bulletins/apsb11-21.html (circl)
- oval:org.mitre.oval:def:14204 (circl)
- openSUSE-SU-2011:0897 (circl)
- RHSA-2011:1144 (circl)
…and 8 more exploits
Timeline
- Nov 9, 2009 CVE Published
- Jul 2, 2021 PoC Published
- Jan 24, 2023 PoC Published
- Jul 30, 2025 PoC Published
- Mar 30, 2026 Security Advisory
- Mar 30, 2026 Security Advisory
- Mar 30, 2026 Security Advisory
References
- SUSE-SA:2011:033 vendor-advisory
- 48308 third-party-advisory
- TA11-222A third-party-advisory
- oval:org.mitre.oval:def:16030 vdb
- http://www.adobe.com/support/security/bulletins/apsb11-21.html url
- SUSE-SU-2011:0894 vendor-advisory
- RHSA-2011:1144 vendor-advisory
- oval:org.mitre.oval:def:14204 vdb
- openSUSE-SU-2011:0897 vendor-advisory