PT-2012-5212 · Adobe+1 · Flash Player+3

Published

2012-08-15

·

Updated

2018-12-04

·

CVE-2012-4167

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 10.3.183.23 and 11.x prior to 11.4.402.265 on Windows and Mac OS X Adobe Flash Player versions prior to 10.3.183.23 and 11.x prior to 11.2.202.238 on Linux Adobe Flash Player versions prior to 11.1.111.16 on Android 2.x and 3.x Adobe Flash Player versions prior to 11.1.115.17 on Android 4.x Adobe AIR versions prior to 3.4.0.2540 Adobe AIR SDK versions prior to 3.4.0.2540
Description The issue allows attackers to execute arbitrary code via unspecified vectors due to an integer overflow.
Recommendations Update Adobe Flash Player to version 10.3.183.23 or later and 11.x to 11.4.402.265 or later on Windows and Mac OS X Update Adobe Flash Player to version 10.3.183.23 or later and 11.x to 11.2.202.238 or later on Linux Update Adobe Flash Player to version 11.1.111.16 or later on Android 2.x and 3.x Update Adobe Flash Player to version 11.1.115.17 or later on Android 4.x Update Adobe AIR to version 3.4.0.2540 or later Update Adobe AIR SDK to version 3.4.0.2540 or later

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-189

Related Identifiers

CVE-2012-4167
RHSA-2012:1173
RHSA-2012:1203
RHSA-2012_1173

Affected Products

Air
Air Sdk
Flash Player
Red Hat