PT-2012-5213 · Adobe+1 · Flash Player+3

Publicado

2012-08-15

·

Atualizado

2018-12-04

·

CVE-2012-4168

CVSS v2.0

4.3

Média

VetorAV:N/AC:M/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 10.3.183.23 and 11.x prior to 11.4.402.265 on Windows and Mac OS X Adobe Flash Player versions prior to 10.3.183.23 and 11.x prior to 11.2.202.238 on Linux Adobe Flash Player versions prior to 11.1.111.16 on Android 2.x and 3.x Adobe Flash Player versions prior to 11.1.115.17 on Android 4.x Adobe AIR versions prior to 3.4.0.2540 Adobe AIR SDK versions prior to 3.4.0.2540
Description The issue allows remote attackers to read content from a different domain via a crafted web site.
Recommendations For Adobe Flash Player versions prior to 10.3.183.23 and 11.x prior to 11.4.402.265 on Windows and Mac OS X, update to version 10.3.183.23 or 11.4.402.265 or later. For Adobe Flash Player versions prior to 10.3.183.23 and 11.x prior to 11.2.202.238 on Linux, update to version 10.3.183.23 or 11.2.202.238 or later. For Adobe Flash Player versions prior to 11.1.111.16 on Android 2.x and 3.x, update to version 11.1.111.16 or later. For Adobe Flash Player versions prior to 11.1.115.17 on Android 4.x, update to version 11.1.115.17 or later. For Adobe AIR versions prior to 3.4.0.2540, update to version 3.4.0.2540 or later. For Adobe AIR SDK versions prior to 3.4.0.2540, update to version 3.4.0.2540 or later.

Exploit

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2012-4168
RHSA-2012:1173
RHSA-2012:1203
RHSA-2012_1173

Produtos afetados

Air
Air Sdk
Flash Player
Red Hat