CVE-2012-5054

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 11.4.402.265

Description The issue is related to an integer overflow in the copyRawDataTo method of the Matrix3D class in Adobe Flash Player, which can be exploited by remote attackers to execute arbitrary code via malformed arguments.

Recommendations For versions prior to 11.4.402.265, update to version 11.4.402.265 or later to resolve the issue. As a temporary workaround, consider restricting access to the copyRawDataTo method in the Matrix3D class until a patch is applied.

Exploit

Fix

RCE

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190CWE-189

Related Identifiers

BDU:2022-03961

CVE-2012-5054

RHSA-2012:1173

RHSA-2012:1203

RHSA-2012_1173

Affected Products

Flash Player

Red Hat

CVE-2012-5054

Weakness Enumeration

Related Identifiers

Affected Products

References · 25