Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2012-0754

Published: 16/02/2012 Updated: 30/01/2023
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 935
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Flash Player

Vulnerability Summary

Adobe Flash Player prior to 10.3.183.15 and 11.x prior to 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; prior to 11.1.111.6 on Android 2.x and 3.x; and prior to 11.1.115.6 on Android 4.x allows malicious users to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

adobe flash_player

Vendor Advisories

Red Hat: Critical: flash-plugin security update
Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An updated Adobe Flash Player package that fixes multiple security issuesis now available for Red Hat Enterprise Linux 5 and 6 SupplementaryThe Red Hat Security Response Team has rated this update as having crit ...

Exploits

Exploit DB: Adobe Flash Player - '.mp4 cprt' Remote Overflow (Metasploit)
## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # web site for more information on licensing and terms of use # metasploitcom/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::R ...
Exploit DB: Adobe Flash Player .mp4 'cprt' Overflow
This Metasploit module exploits a vulnerability found in Adobe Flash Player By supplying a corrupt mp4 file loaded by Flash, it is possible to gain arbitrary remote code execution under the context of the user This vulnerability has been exploited in the wild as part of the "Iran's Oil and Nuclear Situationdoc" phishing campaign ...

Recent Articles

Investigation Report for the September 2014 Equation malware detection incident in the US
Securelist • Kaspersky Lab • 16 Nov 2017

In early October, a story was published by the Wall Street Journal alleging Kaspersky Lab software was used to siphon classified data from an NSA employee’s home computer system. Given that Kaspersky Lab has been at the forefront of fighting cyberespionage and cybercriminal activities on the Internet for over 20 years now, these allegations were treated very seriously. To assist any independent investigators and all the people who have been asking us questions whether those allegations were tr...

Read more...

References

CWE-787http://www.adobe.com/support/security/bulletins/apsb12-03.htmlhttp://rhn.redhat.com/errata/RHSA-2012-0144.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.htmlhttp://security.gentoo.org/glsa/glsa-201204-07.xmlhttp://secunia.com/advisories/48819https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15973https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15030http://secunia.com/advisories/48265https://access.redhat.com/errata/RHSA-2012:0144https://nvd.nist.govhttps://www.exploit-db.com/exploits/18572/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040privilege escalationCVE-2024-4112CVE-2024-32872man-in-the-middleCVE-2024-32788bypassCVE-2024-3400CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook