CVE-2012-0754

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions 10.3.183.15 and earlier Adobe Flash Player versions 11.x prior to 11.1.102.62 Adobe Flash Player versions prior to 11.1.111.6 on Android 2.x and 3.x Adobe Flash Player versions prior to 11.1.115.6 on Android 4.x

Description The issue allows attackers to execute arbitrary code or cause a denial of service due to memory corruption via unspecified vectors. It is related to a buffer overflow operation. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.

Recommendations For Adobe Flash Player versions 10.3.183.15 and earlier, update to version 10.3.183.15 or later. For Adobe Flash Player versions 11.x prior to 11.1.102.62, update to version 11.1.102.62 or later. For Adobe Flash Player versions prior to 11.1.111.6 on Android 2.x and 3.x, update to version 11.1.111.6 or later. For Adobe Flash Player versions prior to 11.1.115.6 on Android 4.x, update to version 11.1.115.6 or later. As a temporary workaround, consider disabling the vulnerable ASconstructor function until a patch is available. Restrict access to the MP4 stream decoding module to minimize the risk of exploitation. Avoid using the affected API endpoints until the issue is resolved.