Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a "group of included constants," object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011.
CVE-2011-0611
Score elevated to 9.0 because this CVE is listed on the CISA Known Exploited Vulnerabilities catalog (added 2022-03-03), indicating real-world exploitation has been confirmed by US federal agencies. NVD baseline CVSS 8.8 retained for reference. Confidence: HIGH.
- Actively exploited in the wild (CISA-KEV)
A fix is available — apply it.
- CVSS v3
- 8.8
- EG Score
- 9.0(high)
- EPSS
- 99.9%
- KEV
- ⚠ Exploited
Published
April 13, 2011
Last Modified
April 21, 2026
Advisory Details (9)
Auto-updated May 2, 2026Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability - CXSecurity.com
http://securityreason.com/securityalert/8204Chrome Releases: Stable Channel Update
http://googlechromereleases.blogspot.com/2011/04/stable-channel-update.htmlcontagio: Apr. 8 CVE-2011-0611 Flash Player Zero day - SWF in DOC/ XLS - Disentangling Industrial Policy..
http://contagiodump.blogspot.com/2011/04/apr-8-cve-2011-0611-flash-player-zero.htmlBugiX - Security Research: CVE-2011-0611 Adobe Flash Zero Day embeded in DOC
http://bugix-security.blogspot.com/2011/04/cve-2011-0611-adobe-flash-zero-day.htmlArchived MSDN and TechNet Blogs | Microsoft Learn
http://blogs.technet.com/b/mmpc/archive/2011/04/12/analysis-of-the-cve-2011-0611-adobe-flash-player-vulnerability-exploitation.aspxPatch Availability(1)
| Vendor / Ecosystem | Fixed in / Patch | Released | Source |
|---|---|---|---|
| redhat | flash-plugin-0:10.2.159.1-1.el5 | 2011-04-18 | redhat |
Patches are aggregated from vendor advisories (Red Hat, Microsoft, Cisco, GitHub) and package ecosystems (OSV, GHSA). Multiple rows for the same upstream release have been deduplicated.
Weakness Classification(2)
MITRE Common Weakness Enumeration — the root-cause categories this CVE belongs to.
All Vendor Advisories
(1)
Every vendor that published an advisory referencing this CVE — pulled from our cve_vendor_advisories aggregation. Click any row for the vendor's original advisory page.
Data Freshness Timeline
(refreshed 96× in last 7d / 396× in last 30d)
Each row is a source pipeline that fetched or updated this CVE on that date, with what changed. For example, "NVD update" means NVD published or revised its analysis for this CVE; "MITRE cvelistV5" means we ingested or refreshed it from the CNA feed. Most recent first.
Showing the most recent 100 of 678 total refreshes for this CVE.
- 2026-07-18 14:56 UTCVendor advisory
- 2026-07-18 14:55 UTCGHSA enrichment
- 2026-07-18 11:07 UTCVendor advisory
- 2026-07-18 11:07 UTCGHSA enrichment
- 2026-07-18 07:19 UTCVendor advisory
- 2026-07-18 07:19 UTCGHSA enrichment
- 2026-07-18 03:32 UTCVendor advisory
- 2026-07-18 03:31 UTCGHSA enrichment
- 2026-07-17 23:44 UTCVendor advisory
- 2026-07-17 23:44 UTCGHSA enrichment
- 2026-07-17 19:57 UTCVendor advisory
- 2026-07-17 19:57 UTCGHSA enrichment
- 2026-07-17 16:09 UTCVendor advisory
- 2026-07-17 16:09 UTCGHSA enrichment
- 2026-07-17 12:22 UTCVendor advisory
- 2026-07-17 12:21 UTCGHSA enrichment
- 2026-07-17 08:33 UTCEG score recompute
- 2026-07-17 08:33 UTCVendor advisory
- 2026-07-17 08:33 UTCGHSA enrichment
- 2026-07-17 04:46 UTCVendor advisory
- 2026-07-17 04:46 UTCGHSA enrichment
- 2026-07-17 00:59 UTCVendor advisory
- 2026-07-17 00:59 UTCGHSA enrichment
- 2026-07-16 21:11 UTCVendor advisory
- 2026-07-16 21:11 UTCGHSA enrichment
Show 75 moreShow fewer
- 2026-07-16 17:23 UTCVendor advisory
- 2026-07-16 17:23 UTCGHSA enrichment
- 2026-07-16 17:04 UTCCISA KEV update
- 2026-07-16 13:35 UTCVendor advisory
- 2026-07-16 13:35 UTCGHSA enrichment
- 2026-07-16 09:48 UTCVendor advisory
- 2026-07-16 09:48 UTCGHSA enrichment
- 2026-07-16 06:01 UTCVendor advisory
- 2026-07-16 06:01 UTCGHSA enrichment
- 2026-07-16 02:14 UTCVendor advisory
- 2026-07-16 02:14 UTCGHSA enrichment
- 2026-07-15 22:27 UTCVendor advisory
- 2026-07-15 22:27 UTCGHSA enrichment
- 2026-07-15 18:39 UTCVendor advisory
- 2026-07-15 18:39 UTCGHSA enrichment
- 2026-07-15 16:49 UTCCISA KEV update
- 2026-07-15 15:04 UTCCISA KEV update
- 2026-07-15 14:48 UTCVendor advisory
- 2026-07-15 14:48 UTCGHSA enrichment
- 2026-07-15 11:00 UTCVendor advisory
- 2026-07-15 10:59 UTCGHSA enrichment
- 2026-07-15 07:12 UTCVendor advisory
- 2026-07-15 07:11 UTCGHSA enrichment
- 2026-07-15 03:24 UTCVendor advisory
- 2026-07-15 03:24 UTCGHSA enrichment
- 2026-07-14 23:37 UTCVendor advisory
- 2026-07-14 23:37 UTCGHSA enrichment
- 2026-07-14 19:50 UTCVendor advisory
- 2026-07-14 19:50 UTCGHSA enrichment
- 2026-07-14 18:05 UTCCISA KEV update
- 2026-07-14 16:02 UTCVendor advisory
- 2026-07-14 16:02 UTCGHSA enrichment
- 2026-07-14 12:15 UTCVendor advisory
- 2026-07-14 12:15 UTCGHSA enrichment
- 2026-07-14 08:27 UTCVendor advisory
- 2026-07-14 08:27 UTCGHSA enrichment
- 2026-07-14 04:39 UTCVendor advisory
- 2026-07-14 04:39 UTCGHSA enrichment
- 2026-07-14 00:51 UTCVendor advisory
- 2026-07-14 00:51 UTCGHSA enrichment
- 2026-07-13 21:03 UTCVendor advisory
- 2026-07-13 21:03 UTCGHSA enrichment
- 2026-07-13 17:15 UTCVendor advisory
- 2026-07-13 17:15 UTCGHSA enrichment
- 2026-07-13 17:07 UTCCISA KEV update
- 2026-07-13 13:27 UTCVendor advisory
- 2026-07-13 13:27 UTCGHSA enrichment
- 2026-07-13 09:40 UTCVendor advisory
- 2026-07-13 09:40 UTCGHSA enrichment
- 2026-07-13 05:52 UTCVendor advisory
- 2026-07-13 05:52 UTCGHSA enrichment
- 2026-07-13 02:04 UTCVendor advisory
- 2026-07-13 02:04 UTCGHSA enrichment
- 2026-07-12 22:16 UTCVendor advisory
- 2026-07-12 22:16 UTCGHSA enrichment
- 2026-07-12 18:28 UTCVendor advisory
- 2026-07-12 18:28 UTCGHSA enrichment
- 2026-07-12 14:39 UTCVendor advisory
- 2026-07-12 14:39 UTCGHSA enrichment
- 2026-07-12 10:51 UTCVendor advisory
- 2026-07-12 10:51 UTCGHSA enrichment
- 2026-07-12 07:03 UTCVendor advisory
- 2026-07-12 07:03 UTCGHSA enrichment
- 2026-07-12 03:15 UTCVendor advisory
- 2026-07-12 03:15 UTCGHSA enrichment
- 2026-07-11 23:28 UTCVendor advisory
- 2026-07-11 23:28 UTCGHSA enrichment
- 2026-07-11 19:41 UTCVendor advisory
- 2026-07-11 19:41 UTCGHSA enrichment
- 2026-07-11 15:53 UTCVendor advisory
- 2026-07-11 15:53 UTCGHSA enrichment
- 2026-07-11 12:05 UTCVendor advisory
- 2026-07-11 12:05 UTCGHSA enrichment
- 2026-07-11 08:17 UTCVendor advisory
- 2026-07-11 08:17 UTCGHSA enrichment
Publicly available exploits
(3 references)Working exploit code is in the public domain (1 Metasploit module) (2 Exploit-DB entries). Defenders should treat patch urgency accordingly — public PoCs typically lead to mass-exploitation within 24-72 hours.
- Exploit-DBEDB-17473✓ verifiedFirst seen Jul 3, 2011
Adobe Reader X 10.0.0 < 10.0.1 - Atom Type Confusion
Open source ↗ - Exploit-DBEDB-17175✓ verifiedFirst seen Apr 16, 2011
Adobe Flash Player 10.2.153.1 - SWF Memory Corruption (Metasploit)
Open source ↗ - Metasploitexploit/windows/browser/adobe_flashplayer_flash10o✓ verifiedFirst seen Apr 11, 2011
Adobe Flash Player 10.2.153.1 SWF Memory Corruption Vulnerability
Open source ↗
Related CVEs(same vendor + same CWE)
Same vendor
10 shownredhat
Same CWE
10 shownCWE-119
Frequently asked(6)
What is CVE-2011-0611?
When was CVE-2011-0611 disclosed?
Is CVE-2011-0611 actively exploited?
What is the CVSS score of CVE-2011-0611?
Which products are affected by CVE-2011-0611?
How do I remediate CVE-2011-0611?
Dependency Blast Radius
Explore the affected products and dependency analysis for CVE-2011-0611
Is Your Infrastructure Affected by CVE-2011-0611?
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.