Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCertccCVE-2012-6270
HistoryDec 20, 2012 - 12:02 p.m.

CVE-2012-6270

2012-12-2012:02:19
certcc
web.nvd.nist.gov
28
cve-2012-6270
adobe shockwave player
remote attackers
installation trigger
compatibility feature
crafted html document

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

0.004

Percentile

75.0%

JSON

Adobe Shockwave Player through 11.6.8.638 allows remote attackers to trigger installation of a Shockwave Player 10.4.0.025 compatibility feature via a crafted HTML document that references Shockwave content with a certain compatibility parameter, related to a “downgrading” attack.

Affected configurations

Nvd
Node
adobeshockwave_playerRange11.6.8.638
OR
adobeshockwave_playerMatch1.0
OR
adobeshockwave_playerMatch2.0
OR
adobeshockwave_playerMatch3.0
OR
adobeshockwave_playerMatch4.0
OR
adobeshockwave_playerMatch5.0
OR
adobeshockwave_playerMatch6.0
OR
adobeshockwave_playerMatch8.0
OR
adobeshockwave_playerMatch8.0.196
OR
adobeshockwave_playerMatch8.0.196a
OR
adobeshockwave_playerMatch8.0.204
OR
adobeshockwave_playerMatch8.0.205
OR
adobeshockwave_playerMatch8.5.1
OR
adobeshockwave_playerMatch8.5.1.100
OR
adobeshockwave_playerMatch8.5.1.103
OR
adobeshockwave_playerMatch8.5.1.105
OR
adobeshockwave_playerMatch8.5.1.106
OR
adobeshockwave_playerMatch8.5.321
OR
adobeshockwave_playerMatch8.5.323
OR
adobeshockwave_playerMatch8.5.324
OR
adobeshockwave_playerMatch8.5.325
OR
adobeshockwave_playerMatch9.0.383
OR
adobeshockwave_playerMatch9.0.432
OR
adobeshockwave_playerMatch10.0.0.210
OR
adobeshockwave_playerMatch10.0.1.004
OR
adobeshockwave_playerMatch10.1.0.11
OR
adobeshockwave_playerMatch10.1.0.011
OR
adobeshockwave_playerMatch10.1.1.016
OR
adobeshockwave_playerMatch10.1.4.020
OR
adobeshockwave_playerMatch10.2.0.021
OR
adobeshockwave_playerMatch10.2.0.022
OR
adobeshockwave_playerMatch10.2.0.023
OR
adobeshockwave_playerMatch11.0.0.456
OR
adobeshockwave_playerMatch11.0.3.471
OR
adobeshockwave_playerMatch11.5.0.595
OR
adobeshockwave_playerMatch11.5.0.596
OR
adobeshockwave_playerMatch11.5.1.601
OR
adobeshockwave_playerMatch11.5.2.602
OR
adobeshockwave_playerMatch11.5.6.606
OR
adobeshockwave_playerMatch11.5.7.609
OR
adobeshockwave_playerMatch11.5.8.612
OR
adobeshockwave_playerMatch11.5.9.615
OR
adobeshockwave_playerMatch11.5.9.620
OR
adobeshockwave_playerMatch11.5.10.620
OR
adobeshockwave_playerMatch11.6.0.626
OR
adobeshockwave_playerMatch11.6.1.629
OR
adobeshockwave_playerMatch11.6.3.633
OR
adobeshockwave_playerMatch11.6.4.634
OR
adobeshockwave_playerMatch11.6.5.635
OR
adobeshockwave_playerMatch11.6.6.636
OR
adobeshockwave_playerMatch11.6.7.637
VendorProductVersionCPE
adobeshockwave_player11.0.3.471cpe:/a:adobe:shockwave_player:11.0.3.471:::
adobeshockwave_player4.0cpe:/a:adobe:shockwave_player:4.0:::
adobeshockwave_player8.0.196acpe:/a:adobe:shockwave_player:8.0.196a:::
adobeshockwave_player11.6.7.637cpe:/a:adobe:shockwave_player:11.6.7.637:::
adobeshockwave_player8.5.321cpe:/a:adobe:shockwave_player:8.5.321:::
adobeshockwave_player11.5.0.595cpe:/a:adobe:shockwave_player:11.5.0.595:::
adobeshockwave_player11.6.4.634cpe:/a:adobe:shockwave_player:11.6.4.634:::
adobeshockwave_player10.2.0.023cpe:/a:adobe:shockwave_player:10.2.0.023:::
adobeshockwave_player9.0.383cpe:/a:adobe:shockwave_player:9.0.383:::
adobeshockwave_player11.5.9.615cpe:/a:adobe:shockwave_player:11.5.9.615:::
Rows per page:
1-10 of 511

Related

cert 1
nvd 1
prion 1
cvelist 1
openvas 4
nessus 2
cert
cert
Adobe Shockwave player vulnerable to downgrading
2012-12-17 00:00:00
nvd
nvd
CVE-2012-6270
2012-12-20 12:02:19
prion
prion
Design/Logic Flaw
2012-12-20 12:02:00
cvelist
cvelist
CVE-2012-6270
2012-12-20 11:00:00
openvas
openvas
Adobe Shockwave Player Multiple Vulnerabilities (Jan 2013) - Windows
2013-01-02 00:00:00
Adobe Shockwave Player Multiple Vulnerabilities Jan-2013 (Windows)
2013-01-02 00:00:00
Adobe Shockwave Player Multiple Vulnerabilities Jan-2013 (Mac OS X)
2013-01-02 00:00:00
nessus
nessus
Flash Player for Mac <= 10.3.183.16 / 11.1.102.63 Multiple Memory Corruption Vulnerabilities (APSB12-07)
2012-03-30 00:00:00
Flash Player <= 10.3.183.16 / 11.1.102.63 Multiple Memory Corruption Vulnerabilities (APSB12-07)
2012-03-30 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

0.004

Percentile

75.0%

JSON
Related for CVE-2012-6270
cert1nvd1prion1cvelist1openvas4nessus2