製品・ソフトウェアに関する情報

JVN脆弱性詳細

Adobe Flash Player における任意のコードを実行される脆弱性

Title	Adobe Flash Player における任意のコードを実行される脆弱性
Summary	Adobe Flash Player には、任意のコードを実行される脆弱性が存在します。
Possible impacts	第三者により、巧妙に細工されたフォントを介して、任意のコードを実行される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Feb. 8, 2011, midnight
Registration Date	March 7, 2011, 4:42 p.m.
Last Update	March 30, 2011, 1:33 p.m.

CVSS2.0 : 危険
Score	9.3
Vector	AV:N/AC:M/Au:N/C:C/I:C/A:C

Affected System

レッドハット

Red Hat Enterprise Linux Extras 4 extras

Red Hat Enterprise Linux Extras 4.8.z extras

Red Hat Enterprise Linux Server Supplementary 6

Red Hat Enterprise Linux Workstation Supplementary 6

RHEL Desktop Supplementary 5 (client)

RHEL Desktop Supplementary 6

RHEL Supplementary 5 (server)

オラクル

Oracle Solaris 10

アドビシステムズ

Adobe Flash CS4 Professional

Adobe Flash Professional CS5

Adobe Flash Player 10.1.102.64 およびそれ以前

Adobe Flex 4

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2011-0577	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0577
National Vulnerability Database (NVD)
2	CVE-2011-0577	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0577

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-Other	https://www.ipa.go.jp/security/vuln/CWE.html#CWEOther

ベンダー情報

No	Name	URL
Adobe Security Bulletin
1	APSB11-02	http://www.adobe.com/support/security/bulletins/apsb11-02.html
Adobe セキュリティ情報
2	cpsid_89115	http://kb2.adobe.com/jp/cps/891/cpsid_89115.html
Red Hat Security Advisory
3	RHSA-2011:0206	https://rhn.redhat.com/errata/RHSA-2011-0206.html
4	RHSA-2011:0259	https://rhn.redhat.com/errata/RHSA-2011-0259.html
5	RHSA-2011:0368	https://rhn.redhat.com/errata/RHSA-2011-0368.html
SECURITY BLOG
6	multiple_vulnerabilities_in_adobe_flash2	http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2

その他

No	Name	URL
ISS X-Force Database
1	65239	http://xforce.iss.net/xforce/xfdb/65239
JPCERT 緊急報告
2	JPCERT-AT-2011-0005	http://www.jpcert.or.jp/at/2011/at110005.txt
Secunia Advisory
3	SA43267	http://secunia.com/advisories/43267
4	SA43292	http://secunia.com/advisories/43292
5	SA43351	http://secunia.com/advisories/43351
SecurityFocus
6	46196	http://www.securityfocus.com/bid/46196
SecurityTracker
7	1025055	http://www.securitytracker.com/id?1025055
VUPEN Security
8	VUPEN/ADV-2011-0348	http://www.vupen.com/english/advisories/2011/0348
9	VUPEN/ADV-2011-0402	http://www.vupen.com/english/advisories/2011/0402
警察庁 @police
10	アドビシステムズ社の Adobe Flash Player のセキュリティ修正プログラムについて	http://www.npa.go.jp/cyberpolice/#topics

Change Log

No	Changed Details	Date of change
0	[2011年03月07日] 掲載 [2011年03月30日] 影響を受けるシステム：オラクル (multiple_vulnerabilities_in_adobe_flash2) の情報を追加ベンダ情報：オラクル (multiple_vulnerabilities_in_adobe_flash2) を追加ベンダ情報：レッドハット (RHSA-2011:0368) を追加	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2011-0577

Summary	Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 allows remote attackers to execute arbitrary code via a crafted font.
Publication Date	Feb. 11, 2011, 1 a.m.
Registration Date	Jan. 28, 2021, 4:37 p.m.
Last Update	Nov. 21, 2024, 10:24 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:adobe:flash_player:10.1.52.15:::::::*
cpe:2.3:a:adobe:flash_player:9.0.125.0:::::::*
cpe:2.3:a:adobe:flash_player:10.1.53.64:::::::*
cpe:2.3:a:adobe:flash_player:9.0.48.0:::::::*
cpe:2.3:a:adobe:flash_player:9.125.0:::::::*
cpe:2.3:a:adobe:flash_player:8.0.24.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.14.0:::::::*
cpe:2.3:a:adobe:flash_player:10.0.15.3:::::::*
cpe:2.3:a:adobe:flash_player:6.0.79:::::::*
cpe:2.3:a:adobe:flash_player:9.0.277.0:::::::*
cpe:2.3:a:adobe:flash_player:10.1.92.8:::::::*
cpe:2.3:a:adobe:flash_player:10.1.95.2:::::::*
cpe:2.3:a:adobe:flash_player:7.0.66.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.60.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.283.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.262.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.18d60:::::::*
cpe:2.3:a:adobe:flash_player:10.1.95.1:::::::*
cpe:2.3:a:adobe:flash_player:7.1.1:::::::*
cpe:2.3:a:adobe:flash_player:9.0.124.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.47.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.63:::::::*
cpe:2.3:a:adobe:flash_player:10.1.102.64:::::::*
cpe:2.3:a:adobe:flash_player:7.0.70.0:::::::*
cpe:2.3:a:adobe:flash_player:10.0.12.36:::::::*
cpe:2.3:a:adobe:flash_player:7.0.19.0:::::::*
cpe:2.3:a:adobe:flash_player:8.0.35.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.114.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.20.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.53.0:::::::*
cpe:2.3:a:adobe:flash_player:10.0.42.34:::::::*
cpe:2.3:a:adobe:flash_player:9.0.31.0:::::::*
cpe:2.3:a:adobe:flash_player:10.1.52.14.1:::::::*
cpe:2.3:a:adobe:flash_player:7.0.67.0:::::::*
cpe:2.3:a:adobe:flash_player:8.0.22.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.260.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.159.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.112.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.16:::::::*
cpe:2.3:a:adobe:flash_player:10.0.45.2:::::::*
cpe:2.3:a:adobe:flash_player:10.0.0.584:::::::*
cpe:2.3:a:adobe:flash_player:8.0.42.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.28.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.69.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.155.0:::::::*
cpe:2.3:a:adobe:flash_player:10.0.22.87:::::::*
cpe:2.3:a:adobe:flash_player:6.0.21.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.28:::::::*
cpe:2.3:a:adobe:flash_player:9.0.45.0:::::::*
cpe:2.3:a:adobe:flash_player:10.0.32.18:::::::*
cpe:2.3:a:adobe:flash_player:7.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.31:::::::*
cpe:2.3:a:adobe:flash_player:7.2:::::::*
cpe:2.3:a:adobe:flash_player:7.0.68.0:::::::*
cpe:2.3:a:adobe:flash_player:10.1.82.76:::::::*
cpe:2.3:a:adobe:flash_player:9.0.115.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.25:::::::*
cpe:2.3:a:adobe:flash_player:8.0:::::::*
cpe:2.3:a:adobe:flash_player:8.0.33.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.24.0:::::::*
cpe:2.3:a:adobe:flash_player:8.0.39.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.73.0:::::::*
cpe:2.3:a:adobe:flash_player:10.1.85.3:::::::*
cpe:2.3:a:adobe:flash_player:8.0.34.0:::::::*
cpe:2.3:a:adobe:flash_player:7.1:::::::*
cpe:2.3:a:adobe:flash_player:10.0.12.10:::::::*
cpe:2.3:a:adobe:flash_player:9.0.151.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.20:::::::*
cpe:2.3:a:adobe:flash_player:7.0.61.0:::::::*
cpe:2.3:a:adobe:flash_player::::::::		10.2.152
cpe:2.3:a:adobe:flash_player:7.0.1:::::::*
cpe:2.3:a:adobe:flash_player:9.0.246.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.152.0:::::::*
cpe:2.3:a:adobe:flash_player:10.1.92.10:::::::*
cpe:2.3:a:adobe:flash_player:9.0:::::::*

Related information, measures and tools

No	URL	タグ
1	http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2
2	http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00003.html
3	http://osvdb.org/70920
4	http://secunia.com/advisories/43267
5	http://secunia.com/advisories/43292
6	http://secunia.com/advisories/43340
7	http://secunia.com/advisories/43351
8	http://secunia.com/advisories/43747
9	http://www.adobe.com/support/security/bulletins/apsb11-02.html	Patch Vendor Advisory
10	http://www.redhat.com/support/errata/RHSA-2011-0206.html
11	http://www.redhat.com/support/errata/RHSA-2011-0259.html
12	http://www.redhat.com/support/errata/RHSA-2011-0368.html
13	http://www.securityfocus.com/bid/46196
14	http://www.securitytracker.com/id?1025055
15	http://www.vupen.com/english/advisories/2011/0348
16	http://www.vupen.com/english/advisories/2011/0383
17	http://www.vupen.com/english/advisories/2011/0402
18	http://www.vupen.com/english/advisories/2011/0646
19	https://exchange.xforce.ibmcloud.com/vulnerabilities/65239
20	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14164
21	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15754
22	http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2
23	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15754
24	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14164
25	https://exchange.xforce.ibmcloud.com/vulnerabilities/65239
26	http://www.vupen.com/english/advisories/2011/0646
27	http://www.vupen.com/english/advisories/2011/0402
28	http://www.vupen.com/english/advisories/2011/0383
29	http://www.vupen.com/english/advisories/2011/0348
30	http://www.securitytracker.com/id?1025055
31	http://www.securityfocus.com/bid/46196
32	http://www.redhat.com/support/errata/RHSA-2011-0368.html
33	http://www.redhat.com/support/errata/RHSA-2011-0259.html
34	http://www.redhat.com/support/errata/RHSA-2011-0206.html
35	http://www.adobe.com/support/security/bulletins/apsb11-02.html	Patch Vendor Advisory
36	http://secunia.com/advisories/43747
37	http://secunia.com/advisories/43351
38	http://secunia.com/advisories/43340
39	http://secunia.com/advisories/43292
40	http://secunia.com/advisories/43267
41	http://osvdb.org/70920
42	http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00003.html

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:adobe:flash_player:10.1.52.15:::::::*
cpe:2.3:a:adobe:flash_player:9.0.125.0:::::::*
cpe:2.3:a:adobe:flash_player:10.1.53.64:::::::*
cpe:2.3:a:adobe:flash_player:9.0.48.0:::::::*
cpe:2.3:a:adobe:flash_player:9.125.0:::::::*
cpe:2.3:a:adobe:flash_player:8.0.24.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.14.0:::::::*
cpe:2.3:a:adobe:flash_player:10.0.15.3:::::::*
cpe:2.3:a:adobe:flash_player:6.0.79:::::::*
cpe:2.3:a:adobe:flash_player:9.0.277.0:::::::*
cpe:2.3:a:adobe:flash_player:10.1.92.8:::::::*
cpe:2.3:a:adobe:flash_player:10.1.95.2:::::::*
cpe:2.3:a:adobe:flash_player:7.0.66.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.60.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.283.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.262.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.18d60:::::::*
cpe:2.3:a:adobe:flash_player:10.1.95.1:::::::*
cpe:2.3:a:adobe:flash_player:7.1.1:::::::*
cpe:2.3:a:adobe:flash_player:9.0.124.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.47.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.63:::::::*
cpe:2.3:a:adobe:flash_player:10.1.102.64:::::::*
cpe:2.3:a:adobe:flash_player:7.0.70.0:::::::*
cpe:2.3:a:adobe:flash_player:10.0.12.36:::::::*
cpe:2.3:a:adobe:flash_player:7.0.19.0:::::::*
cpe:2.3:a:adobe:flash_player:8.0.35.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.114.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.20.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.53.0:::::::*
cpe:2.3:a:adobe:flash_player:10.0.42.34:::::::*
cpe:2.3:a:adobe:flash_player:9.0.31.0:::::::*
cpe:2.3:a:adobe:flash_player:10.1.52.14.1:::::::*
cpe:2.3:a:adobe:flash_player:7.0.67.0:::::::*
cpe:2.3:a:adobe:flash_player:8.0.22.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.260.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.159.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.112.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.16:::::::*
cpe:2.3:a:adobe:flash_player:10.0.45.2:::::::*
cpe:2.3:a:adobe:flash_player:10.0.0.584:::::::*
cpe:2.3:a:adobe:flash_player:8.0.42.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.28.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.69.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.155.0:::::::*
cpe:2.3:a:adobe:flash_player:10.0.22.87:::::::*
cpe:2.3:a:adobe:flash_player:6.0.21.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.28:::::::*
cpe:2.3:a:adobe:flash_player:9.0.45.0:::::::*
cpe:2.3:a:adobe:flash_player:10.0.32.18:::::::*
cpe:2.3:a:adobe:flash_player:7.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.31:::::::*
cpe:2.3:a:adobe:flash_player:7.2:::::::*
cpe:2.3:a:adobe:flash_player:7.0.68.0:::::::*
cpe:2.3:a:adobe:flash_player:10.1.82.76:::::::*
cpe:2.3:a:adobe:flash_player:9.0.115.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.25:::::::*
cpe:2.3:a:adobe:flash_player:8.0:::::::*
cpe:2.3:a:adobe:flash_player:8.0.33.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.24.0:::::::*
cpe:2.3:a:adobe:flash_player:8.0.39.0:::::::*
cpe:2.3:a:adobe:flash_player:7.0.73.0:::::::*
cpe:2.3:a:adobe:flash_player:10.1.85.3:::::::*
cpe:2.3:a:adobe:flash_player:8.0.34.0:::::::*
cpe:2.3:a:adobe:flash_player:7.1:::::::*
cpe:2.3:a:adobe:flash_player:10.0.12.10:::::::*
cpe:2.3:a:adobe:flash_player:9.0.151.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.20:::::::*
cpe:2.3:a:adobe:flash_player:7.0.61.0:::::::*
cpe:2.3:a:adobe:flash_player::::::::		10.2.152
cpe:2.3:a:adobe:flash_player:7.0.1:::::::*
cpe:2.3:a:adobe:flash_player:9.0.246.0:::::::*
cpe:2.3:a:adobe:flash_player:9.0.152.0:::::::*
cpe:2.3:a:adobe:flash_player:10.1.92.10:::::::*
cpe:2.3:a:adobe:flash_player:9.0:::::::*