Adobe Flash Player Remote Memory Corruption Vulnerability

  Severity: CRITICAL
  CVE Identifier: CVE-2011-2110
  Advisory Date: JUN 15, 2011

  DESCRIPTION

A vulnerability exists in certain versions of Adobe Flash Player for Windows, Macintosh, Linux, Solaris, and some versions of Android operating systems. When exploited, the said vulnerability may allow a remote attacker to take control of the affected system.

  TREND MICRO PROTECTION INFORMATION

Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities. Please refer to the filter number and filter name when applying appropriate DPI and/or IDF rules.

  SOLUTION

  PATCH: http://www.adobe.com/support/security/bulletins/apsb11-18.html

  Trend Micro Deep Security DPI Rule Number: 1004704
  Trend Micro Deep Security DPI Rule Name: Adobe Flash Player Remote Memory Corruption Vulnerability (CVE-2011-2110)

  AFFECTED SOFTWARE AND VERSION

  • Adobe Flash Player 10.3.181.23 and earlier - network distribution
  • Adobe Flash Player 10.3.181.23 and earlier for Android
  • Adobe Flash Player 10.3.185.23 and earlier for Android
  • Adobe Flash Player integrated with Google Chrome

  OTHER INFORMATION