CVE-2012-5272

Adobe Flash Player < 10.3.183.29 and 11.x < 11.4.402.287 - Remote Code Execution via Memory Corruption

Title source: llm
STIX 2.1

Description

Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22.

References (3)

Core 3
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www.adobe.com/support/security/bulletins/apsb12-22.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/86049

Scores

EPSS 0.0522
EPSS Percentile 91.5%

Details

CWE
CWE-119
Status published
Products (50)
adobe/adobe_air 1.0
adobe/adobe_air 1.0.1
adobe/adobe_air 1.0.8.4990
adobe/adobe_air 1.0.4990
adobe/adobe_air 1.1
adobe/adobe_air 1.1.0.5790
adobe/adobe_air 1.5
adobe/adobe_air 1.5.0.7220
adobe/adobe_air 1.5.1
adobe/adobe_air 1.5.1.8210
... and 40 more
Published Oct 09, 2012
Tracked Since Feb 18, 2026