9.3
CVE-2012-0752
- EPSS 8.77%
- Veröffentlicht 16.02.2012 19:55:01
- Zuletzt bearbeitet 16.06.2026 23:38:11
- Quelle psirt@adobe.com
- CVE-Watchlists
- Unerledigt
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) by leveraging an unspecified "type confusion."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Flash Player Version < 10.3.183.15
Adobe ≫ Flash Player Version >= 11.0 < 11.1.102.62
Adobe ≫ Flash Player Version < 11.1.111.6
Adobe ≫ Flash Player Version < 11.1.115.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 8.77% | 0.945 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')
The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.
http://secunia.com/advisories/48819
http://security.gentoo.org/glsa/glsa-201204-07.xml
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html
http://secunia.com/advisories/48265
http://www.adobe.com/support/security/bulletins/apsb12-03.html
http://rhn.redhat.com/errata/RHSA-2012-0144.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14654
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16103