CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
78.7%
Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x does not properly handle integers, which allows attackers to obtain sensitive information via unspecified vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
adobe | flash_player | * | cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:* |
adobe | flash_player | 2 | cpe:2.3:a:adobe:flash_player:2:*:*:*:*:*:*:* |
adobe | flash_player | 3 | cpe:2.3:a:adobe:flash_player:3:*:*:*:*:*:*:* |
adobe | flash_player | 4 | cpe:2.3:a:adobe:flash_player:4:*:*:*:*:*:*:* |
adobe | flash_player | 5 | cpe:2.3:a:adobe:flash_player:5:*:*:*:*:*:*:* |
adobe | flash_player | 6 | cpe:2.3:a:adobe:flash_player:6:*:*:*:*:*:*:* |
adobe | flash_player | 6.0.21.0 | cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:* |
adobe | flash_player | 6.0.79 | cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:* |
adobe | flash_player | 7.0 | cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:* |
adobe | flash_player | 7.0.1 | cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:* |
lists.opensuse.org/opensuse-security-announce/2012-03/msg00005.html
lists.opensuse.org/opensuse-security-announce/2012-03/msg00006.html
secunia.com/advisories/48819
security.gentoo.org/glsa/glsa-201204-07.xml
www.adobe.com/support/security/bulletins/apsb12-05.html
www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14828
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16212