CVE-2012-0752

EPSS 6.42%
Published 16.02.2012 19:55:01
Last modified 11.04.2025 00:51:21
Source psirt@adobe.com
Teams watchlist Login
Open Login

Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) by leveraging an unspecified "type confusion."

Affected products Warnungen 0 Metrics 2 CWE 1 References 11

Data is provided by the National Vulnerability Database (NVD)

Adobe ≫ Flash Player Version < 10.3.183.15

   Apple ≫ macOS X Version-
   Linux ≫ Linux Kernel Version-
   Microsoft ≫ Windows Version-
   Oracle ≫ Solaris Version- HwPlatform-

Adobe ≫ Flash Player Version >= 11.0 < 11.1.102.62

   Apple ≫ macOS X Version-
   Linux ≫ Linux Kernel Version-
   Microsoft ≫ Windows Version-
   Oracle ≫ Solaris Version- HwPlatform-

Adobe ≫ Flash Player Version < 11.1.111.6

Google ≫ Android Version >= 2.0 <= 3.2

Adobe ≫ Flash Player Version < 11.1.115.6

Google ≫ Android Version4.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	6.42%	0.906

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

CWE-843 Access of Resource Using Incompatible Type ('Type Confusion')

The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

http://secunia.com/advisories/48819

Broken Link

http://security.gentoo.org/glsa/glsa-201204-07.xml

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html

Broken Link

http://secunia.com/advisories/48265

Broken Link

http://www.adobe.com/support/security/bulletins/apsb12-03.html

Patch

Vendor Advisory

Broken Link