CVE-2011-4693

{"id": "CVE-2011-4693", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2011-12-07T20:55:00.753", "references": [{"url": "http://partners.immunityinc.com/movies/VulnDisco-Flash0day-v2.mov", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1026392", "source": "cve@mitre.org"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=761216", "source": "cve@mitre.org"}, {"url": "https://lists.immunityinc.com/pipermail/dailydave/2011-December/000402.html", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14405", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15703", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and Mac OS X allows remote attackers to execute arbitrary code via a crafted SWF file, as demonstrated by the first of two vulnerabilities exploited by the Intevydis vd_adobe_fp module in VulnDisco Step Ahead (SA). NOTE: as of 20111207, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Adobe Flash Player v11.1.102.55 en Windows y Mac OS X permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un archivo SWF modificado, como lo demuestra la primera de las dos vulnerabilidades explotadas por el m\u00f3dulo Intevydis vd_adobe_fp en VulnDisco Step Ahead (SA)). NOTA: a partir de 20111207, esta revelaci\u00f3n no tiene informaci\u00f3n \u00fatil. Sin embargo, debido a que el autor del m\u00f3dulo es un investigador confiable, se le ha asignado un identificador CVE con fines de seguimiento."}], "lastModified": "2017-09-19T01:34:26.400", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:11.1.102.55:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D05546BB-7EE7-4202-8A55-D413C1BE6D9D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574"}, {"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}