9.3
CVE-2012-0754
- EPSS 92.03%
- Veröffentlicht 16.02.2012 19:55:01
- Zuletzt bearbeitet 16.06.2026 23:38:11
- Quelle psirt@adobe.com
- CVE-Watchlists
- Unerledigt
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Flash Player Version < 10.3.183.15
Adobe ≫ Flash Player Version >= 11.0 < 11.1.102.62
Adobe ≫ Flash Player Version < 11.1.111.6
Adobe ≫ Flash Player Version < 11.1.115.6
08.06.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog
Adobe Flash Player Memory Corruption Vulnerability
SchwachstelleAdobe Flash Player contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).
BeschreibungThe impacted product is end-of-life and should be disconnected if still in use.
Erforderliche Maßnahmen| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 92.03% | 0.998 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.1 | 2.2 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.
http://secunia.com/advisories/48819
http://security.gentoo.org/glsa/glsa-201204-07.xml
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html
http://secunia.com/advisories/48265
http://www.adobe.com/support/security/bulletins/apsb12-03.html
http://rhn.redhat.com/errata/RHSA-2012-0144.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15030
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15973
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-0754
https://github.com/cisagov/vulnrichment/issues/196