CVE-2012-4172

Adobe Shockwave Player < 11.6.8.638 - Remote Code Execution

Title source: llm
STIX 2.1

Description

Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4173, CVE-2012-4174, CVE-2012-4175, and CVE-2012-5273.

References (4)

Core 4
Core References
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/872545
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/86537
Patch, Vendor Advisory x_refsource_confirm
http://www.adobe.com/support/security/bulletins/apsb12-23.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/79544

Scores

EPSS 0.0969
EPSS Percentile 94.9%

Details

CWE
CWE-119
Status published
Products (50)
adobe/shockwave_player 1.0
adobe/shockwave_player 2.0
adobe/shockwave_player 3.0
adobe/shockwave_player 4.0
adobe/shockwave_player 5.0
adobe/shockwave_player 6.0
adobe/shockwave_player 8.0
adobe/shockwave_player 8.0.196
adobe/shockwave_player 8.0.196a
adobe/shockwave_player 8.0.204
... and 40 more
Published Oct 23, 2012
Tracked Since Feb 18, 2026