9.3

CVE-2012-2040

Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows local users to gain privileges via a Trojan horse executable file in an unspecified directory.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeFlash Player Version <= 11.2.202.235
   ApplemacOS Version-
   LinuxLinux Kernel Version-
   MicrosoftWindows Version-
AdobeFlash Player Version <= 11.1.115.8
   GoogleAndroid Version >= 4.0 <= 4.4.4
AdobeFlash Player Version <= 11.1.111.9
   GoogleAndroid Version >= 2.0 <= 3.2.6
AdobeAir Version <= 3.2.0.2070
   ApplemacOS Version-
   GoogleAndroid Version-
   MicrosoftWindows Version-
OpensuseOpensuse Version11.4
OpensuseOpensuse Version12.1
SuseLinux Enterprise Desktop Version10 Updatesp4
SuseLinux Enterprise Desktop Version11 Updatesp1
SuseLinux Enterprise Desktop Version11 Updatesp2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.25% 0.774
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-426 Untrusted Search Path

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.