PT-2012-1237 · Adobe+2 · Flash Player+2

Publicado

2012-08-14

Atualizado

2025-04-03

CVE-2012-1535

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 11.3.300.271 on Windows and Mac OS X Adobe Flash Player versions prior to 11.2.202.238 on Linux

Description The issue allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted SWF content. This was exploited in the wild in August 2012 with SWF content in a Word document. The vulnerability is related to a buffer overflow in memory when processing SWF content.

Recommendations For Adobe Flash Player versions prior to 11.3.300.271 on Windows and Mac OS X, update to version 11.3.300.271 or later. For Adobe Flash Player versions prior to 11.2.202.238 on Linux, update to version 11.2.202.238 or later. As a temporary workaround, consider restricting the use of SWF content in documents until a patch is applied.

Exploit

Correção

RCE

DoS

Code Injection

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94CWE-119CWE-20

Identificadores relacionados

BDU:2022-04092

CVE-2012-1535

OPENSUSE-SU-2012_0996-1

OPENSUSE-SU-2013_0362-1

RHSA-2012:1173

RHSA-2012:1203

RHSA-2012_1173

SUSE-SU-2012_1001-1

SUSE-SU-2012_1001-2

Produtos afetados

Flash Player

Red Hat

Suse

PT-2012-1237 · Adobe+2 · Flash Player+2

CVE-2012-1535

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 41