Lucene search

[email protected]CVE-2012-2037

HistoryJun 09, 2012 - 12:55 a.m.

CVE-2012-2037

2012-06-0900:55:01

CWE-119

[email protected]

web.nvd.nist.gov

115

In Wild

cve-2012-2037

adobe flash player

vulnerability

arbitrary code execution

denial of service

memory corruption

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.6%

JSON

Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2034.

Affected configurations

NVD

Node

adobeflash_playerRange≤11.2.202.235

AND

applemacosMatch-

linuxlinux_kernelMatch-

microsoftwindowsMatch-

Node

adobeflash_playerRange≤11.1.115.8

AND

googleandroidRange4.0–4.4.4

Node

adobeflash_playerRange≤11.1.111.9

AND

googleandroidRange2.0–3.2.6

Node

adobeairRange≤3.2.0.2070

AND

applemacosMatch-

googleandroidMatch-

microsoftwindowsMatch-

Node

opensuseopensuseMatch11.4

opensuseopensuseMatch12.1

suselinux_enterprise_desktopMatch10sp4

suselinux_enterprise_desktopMatch11sp1

suselinux_enterprise_desktopMatch11sp2

Node

redhatenterprise_linux_desktopMatch5.0

redhatenterprise_linux_desktopMatch6.0

redhatenterprise_linux_eusMatch6.2

redhatenterprise_linux_serverMatch5.0

redhatenterprise_linux_serverMatch6.0

redhatenterprise_linux_server_ausMatch6.2

redhatenterprise_linux_workstationMatch5.0

redhatenterprise_linux_workstationMatch6.0

CPENameOperatorVersion
adobe:flash_playeradobe flash playerle11.2.202.235

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	le	11.2.202.235

References

lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html

lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html

rhn.redhat.com/errata/RHSA-2012-0722.html

www.adobe.com/support/security/bulletins/apsb12-14.html

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.6%

JSON

Related for CVE-2012-2037

ubuntucve2 attackerkb2 prion2 nvd2 cvelist2 cve1 checkpoint_advisories2 nessus12 redhat1 openvas18 freebsd2 suse2 cisa_kev1 gentoo1