PT-2012-5864 · Adobe+2 · Flash Player+4

Published

2012-10-09

·

Updated

2017-08-29

·

CVE-2012-5261

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 10.3.183.29 and 11.x prior to 11.4.402.287 on Windows and Mac OS X Adobe Flash Player versions prior to 10.3.183.29 and 11.x prior to 11.2.202.243 on Linux Adobe Flash Player versions prior to 11.1.111.19 on Android 2.x and 3.x Adobe Flash Player versions prior to 11.1.115.20 on Android 4.x Adobe AIR versions prior to 3.4.0.2710 Adobe AIR SDK versions prior to 3.4.0.2710
Description The issue allows attackers to execute arbitrary code or cause a denial of service via unspecified vectors, resulting in memory corruption. This is a distinct issue from other memory corruption problems.
Recommendations For Adobe Flash Player versions prior to 10.3.183.29 and 11.x prior to 11.4.402.287 on Windows and Mac OS X, update to version 10.3.183.29 or 11.4.402.287 or later. For Adobe Flash Player versions prior to 10.3.183.29 and 11.x prior to 11.2.202.243 on Linux, update to version 10.3.183.29 or 11.2.202.243 or later. For Adobe Flash Player versions prior to 11.1.111.19 on Android 2.x and 3.x, update to version 11.1.111.19 or later. For Adobe Flash Player versions prior to 11.1.115.20 on Android 4.x, update to version 11.1.115.20 or later. For Adobe AIR versions prior to 3.4.0.2710, update to version 3.4.0.2710 or later. For Adobe AIR SDK versions prior to 3.4.0.2710, update to version 3.4.0.2710 or later.

Fix

DoS

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2012-5261
OPENSUSE-SU-2012_1324-1
OPENSUSE-SU-2013_0370-1
RHSA-2012:1346
RHSA-2012_1346

Affected Products

Air
Air Sdk
Flash Player
Red Hat
Suse