9 CISA Known Exploited Vulnerabilities from 2011
Adobe Reader and Acrobat — U3D Stack Buffer Overflow Zero-Day Exploited in APT Spear-Phishing Against Defense Sector
Microsoft Forefront TMG — Heap Buffer Overflow in Firewall Client Winsock Provider Allows Unauthenticated RCE
Oracle Java SE — Rhino Script Engine Sandbox Escape Enables Unauthenticated RCE via Malicious Applets
Microsoft Windows win32k.sys — TrueType Font Parsing RCE Used as Duqu Zero-Day Initial Access Vector
Android OS — GingerBreak: vold Netlink Trust Flaw Enables Local Root Privilege Escalation
Adobe Flash Player — Zero-Day Exploited via Malicious SWF Content in Office Documents
Adobe Flash Player — Type Confusion Zero-Day Exploited via Malicious Word Documents and Web Pages
Microsoft Windows afd.sys — Kernel Driver Improper Input Validation Enables Local Privilege Escalation to SYSTEM
D-Link DIR-300 — Admin Credentials Stored in Cleartext Enable Network-Adjacent Credential Theft and Router Takeover