10
CVSSv2

CVE-2012-4167

Published: 21/08/2012 Updated: 04/12/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Integer overflow in Adobe Flash Player prior to 10.3.183.23 and 11.x prior to 11.4.402.265 on Windows and Mac OS X, prior to 10.3.183.23 and 11.x prior to 11.2.202.238 on Linux, prior to 11.1.111.16 on Android 2.x and 3.x, and prior to 11.1.115.17 on Android 4.x; Adobe AIR prior to 3.4.0.2540; and Adobe AIR SDK prior to 3.4.0.2540 allows malicious users to execute arbitrary code via unspecified vectors.

Affected Products

Vendor Product Versions
AdobeAir2.0.0, 2.5, 2.5.1, 2.6, 2.7.0.1948, 2.7.0.1953, 2.7.1.1961, 3.2, 3.3, 3.4
AdobeAir Sdk3.0.0.4080
AdobeFlash Player10.3, 10.3.181.14, 10.3.181.16, 10.3.181.22, 10.3.181.23, 10.3.181.26, 10.3.181.34, 10.3.183.5, 10.3.183.7, 10.3.183.10, 10.3.183.11, 10.3.183.15, 10.3.183.16, 10.3.183.18, 10.3.183.19, 10.3.183.20, 11.1, 11.1.102.55, 11.1.102.59, 11.1.102.62, 11.1.102.63, 11.1.111.8, 11.1.111.13, 11.1.111.44, 11.1.111.50, 11.1.111.54, 11.1.111.64, 11.1.111.73, 11.1.115.7, 11.2.202.223, 11.2.202.228, 11.2.202.233, 11.2.202.235, 11.2.202.236

Vendor Advisories

Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An updated Adobe Flash Player package that fixes one security issue is nowavailable for Red Hat Enterprise Linux 6 SupplementaryThe Red Hat Security Response Team has rated this update as having criticalsecurity ...
Synopsis Critical: flash-plugin security update Type/Severity Security Advisory: Critical Topic An updated Adobe Flash Player package that fixes several security issues isnow available for Red Hat Enterprise Linux 5 SupplementaryThe Red Hat Security Response Team has rated this update as having criticalsec ...

Recent Articles

Adobe Flash Player 0-day and HackingTeam’s Remote Control System
Securelist • Sergey Golovanov • 12 Feb 2013

Last week, Adobe released a patch for a vulnerability in Flash Player that was being exploited in targeted attacks.
Before reading any further, we recommend you to take a moment make sure you apply this patch. Adobe offers this nifty tool to check that you have the latest version of Flash Player.
If you are running Google Chrome, make sure you have version -24.0.1312.57 m- or later.
Now back to CVE-2013-0633, the critical vulnerability that was discovered and reported to Ado...