ID CVE-2012-5673
Summary Unspecified vulnerability in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 has unknown impact and attack vectors.
References
Vulnerable Configurations
  • Adobe Flash Player 10.3.181.14
    cpe:2.3:a:adobe:flash_player:10.3.181.14
  • Adobe Flash Player 10.3.181.16
    cpe:2.3:a:adobe:flash_player:10.3.181.16
  • Adobe Flash Player 10.3.181.22
    cpe:2.3:a:adobe:flash_player:10.3.181.22
  • Adobe Flash Player 10.3.181.23
    cpe:2.3:a:adobe:flash_player:10.3.181.23
  • Adobe Flash Player 10.3.181.26
    cpe:2.3:a:adobe:flash_player:10.3.181.26
  • Adobe Flash Player 10.3.181.34
    cpe:2.3:a:adobe:flash_player:10.3.181.34
  • Adobe Flash Player 10.3.183.5
    cpe:2.3:a:adobe:flash_player:10.3.183.5
  • Adobe Flash Player 10.3.183.7
    cpe:2.3:a:adobe:flash_player:10.3.183.7
  • Adobe Flash Player 10.3.183.10
    cpe:2.3:a:adobe:flash_player:10.3.183.10
  • Adobe Flash Player 10.3.183.11
    cpe:2.3:a:adobe:flash_player:10.3.183.11
  • Adobe Flash Player 10.3.183.15
    cpe:2.3:a:adobe:flash_player:10.3.183.15
  • Adobe Flash Player 10.3.183.16
    cpe:2.3:a:adobe:flash_player:10.3.183.16
  • Adobe Flash Player 10.3.183.18
    cpe:2.3:a:adobe:flash_player:10.3.183.18
  • Adobe Flash Player 10.3.183.19
    cpe:2.3:a:adobe:flash_player:10.3.183.19
  • Adobe Flash Player 10.3.183.20
    cpe:2.3:a:adobe:flash_player:10.3.183.20
  • Adobe Flash Player 10.3.183.23
    cpe:2.3:a:adobe:flash_player:10.3.183.23
  • Adobe Flash Player 10.3.183.25
    cpe:2.3:a:adobe:flash_player:10.3.183.25
  • Adobe Flash Player 11.4.4.02.265
    cpe:2.3:a:adobe:flash_player:11.4.402.265
  • Adobe Flash Player 11.4.402.278
    cpe:2.3:a:adobe:flash_player:11.4.402.278
  • Apple Mac OS X
    cpe:2.3:o:apple:mac_os_x
  • Microsoft Windows
    cpe:2.3:o:microsoft:windows
  • Adobe Flash Player 10.3.181.14
    cpe:2.3:a:adobe:flash_player:10.3.181.14
  • Adobe Flash Player 10.3.181.16
    cpe:2.3:a:adobe:flash_player:10.3.181.16
  • Adobe Flash Player 10.3.181.22
    cpe:2.3:a:adobe:flash_player:10.3.181.22
  • Adobe Flash Player 10.3.181.23
    cpe:2.3:a:adobe:flash_player:10.3.181.23
  • Adobe Flash Player 10.3.181.26
    cpe:2.3:a:adobe:flash_player:10.3.181.26
  • Adobe Flash Player 10.3.181.34
    cpe:2.3:a:adobe:flash_player:10.3.181.34
  • Adobe Flash Player 10.3.183.5
    cpe:2.3:a:adobe:flash_player:10.3.183.5
  • Adobe Flash Player 10.3.183.7
    cpe:2.3:a:adobe:flash_player:10.3.183.7
  • Adobe Flash Player 10.3.183.10
    cpe:2.3:a:adobe:flash_player:10.3.183.10
  • Adobe Flash Player 10.3.183.11
    cpe:2.3:a:adobe:flash_player:10.3.183.11
  • Adobe Flash Player 10.3.183.15
    cpe:2.3:a:adobe:flash_player:10.3.183.15
  • Adobe Flash Player 10.3.183.16
    cpe:2.3:a:adobe:flash_player:10.3.183.16
  • Adobe Flash Player 10.3.183.18
    cpe:2.3:a:adobe:flash_player:10.3.183.18
  • Adobe Flash Player 10.3.183.19
    cpe:2.3:a:adobe:flash_player:10.3.183.19
  • Adobe Flash Player 10.3.183.20
    cpe:2.3:a:adobe:flash_player:10.3.183.20
  • Adobe Flash Player 10.3.183.23
    cpe:2.3:a:adobe:flash_player:10.3.183.23
  • Adobe Flash Player 10.3.183.25
    cpe:2.3:a:adobe:flash_player:10.3.183.25
  • Adobe Flash Player 11.2.202.223
    cpe:2.3:a:adobe:flash_player:11.2.202.223
  • Adobe Flash Player 11.2.202.228
    cpe:2.3:a:adobe:flash_player:11.2.202.228
  • Adobe Flash Player 11.2.202.233
    cpe:2.3:a:adobe:flash_player:11.2.202.233
  • Adobe Flash Player 11.2.202.235
    cpe:2.3:a:adobe:flash_player:11.2.202.235
  • Adobe Flash Player 11.2.202.236
    cpe:2.3:a:adobe:flash_player:11.2.202.236
  • Adobe Flash Player 11.2.202.238
    cpe:2.3:a:adobe:flash_player:11.2.202.238
  • Linux Kernel
    cpe:2.3:o:linux:linux_kernel
  • Adobe Flash Player 11.1
    cpe:2.3:a:adobe:flash_player:11.1
  • Adobe Flash Player 11.1.102.55
    cpe:2.3:a:adobe:flash_player:11.1.102.55
  • Adobe Flash Player 11.1.102.55 (x64) 64-bit
    cpe:2.3:a:adobe:flash_player:11.1.102.55:-:-:-:-:-:x64
  • Adobe Flash Player 11.1.102.59
    cpe:2.3:a:adobe:flash_player:11.1.102.59
  • Adobe Flash Player 11.1.102.62
    cpe:2.3:a:adobe:flash_player:11.1.102.62
  • Adobe Flash Player 11.1.102.63
    cpe:2.3:a:adobe:flash_player:11.1.102.63
  • Adobe Flash Player 11.1.111.8
    cpe:2.3:a:adobe:flash_player:11.1.111.8
  • Google Android Operating System 2.0
    cpe:2.3:o:google:android:2.0
  • Google Android Operating System 2.0.1
    cpe:2.3:o:google:android:2.0.1
  • Google Android Operating System 2.1
    cpe:2.3:o:google:android:2.1
  • Google Android Operating System 2.2
    cpe:2.3:o:google:android:2.2
  • Google Android Operating System 2.2 Revision 1
    cpe:2.3:o:google:android:2.2:rev1
  • Google Android Operating System 2.2.1
    cpe:2.3:o:google:android:2.2.1
  • Google Android Operating System 2.2.2
    cpe:2.3:o:google:android:2.2.2
  • Google Android Operating System 2.2.3
    cpe:2.3:o:google:android:2.2.3
  • Google Android Operating System 2.3
    cpe:2.3:o:google:android:2.3
  • Google Android Operating System 2.3 Revision 1
    cpe:2.3:o:google:android:2.3:rev1
  • Google Android Operating System 2.3.1
    cpe:2.3:o:google:android:2.3.1
  • Google Android Operating System 2.3.2
    cpe:2.3:o:google:android:2.3.2
  • Google Android Operating System 2.3.3
    cpe:2.3:o:google:android:2.3.3
  • Google Android Operating System 2.3.4
    cpe:2.3:o:google:android:2.3.4
  • Google Android Operating System 2.3.5
    cpe:2.3:o:google:android:2.3.5
  • Google Android Operating System 2.3.6
    cpe:2.3:o:google:android:2.3.6
  • Google Android Operating System 2.3.7
    cpe:2.3:o:google:android:2.3.7
  • Google Android Operating System 3.0
    cpe:2.3:o:google:android:3.0
  • Google Android Operating System 3.1
    cpe:2.3:o:google:android:3.1
  • Google Android Operating System 3.2
    cpe:2.3:o:google:android:3.2
  • Google Android Operating System 3.2.1
    cpe:2.3:o:google:android:3.2.1
  • Google Android Operating System 3.2.2
    cpe:2.3:o:google:android:3.2.2
  • Google Android Operating System 3.2.4
    cpe:2.3:o:google:android:3.2.4
  • Google Android Operating System 3.2.6
    cpe:2.3:o:google:android:3.2.6
  • Adobe Flash Player 11.1
    cpe:2.3:a:adobe:flash_player:11.1
  • Adobe Flash Player 11.1.102.55
    cpe:2.3:a:adobe:flash_player:11.1.102.55
  • Adobe Flash Player 11.1.102.55 (x64) 64-bit
    cpe:2.3:a:adobe:flash_player:11.1.102.55:-:-:-:-:-:x64
  • Adobe Flash Player 11.1.102.59
    cpe:2.3:a:adobe:flash_player:11.1.102.59
  • Adobe Flash Player 11.1.102.62
    cpe:2.3:a:adobe:flash_player:11.1.102.62
  • Adobe Flash Player 11.1.102.63
    cpe:2.3:a:adobe:flash_player:11.1.102.63
  • Adobe Flash Player 11.1.111.8
    cpe:2.3:a:adobe:flash_player:11.1.111.8
  • Adobe Flash Player 11.1.111.44
    cpe:2.3:a:adobe:flash_player:11.1.111.44
  • Adobe Flash Player 11.1.111.50
    cpe:2.3:a:adobe:flash_player:11.1.111.50
  • Adobe Flash Player 11.1.111.54
    cpe:2.3:a:adobe:flash_player:11.1.111.54
  • Adobe Flash Player 11.1.111.64
    cpe:2.3:a:adobe:flash_player:11.1.111.64
  • Adobe Flash Player 11.1.111.73
    cpe:2.3:a:adobe:flash_player:11.1.111.73
  • Adobe Flash Player 11.1.115.7
    cpe:2.3:a:adobe:flash_player:11.1.115.7
  • Google Android Operating System 4.0
    cpe:2.3:o:google:android:4.0
  • Google Android Operating System 4.0.1
    cpe:2.3:o:google:android:4.0.1
  • Google Android Operating System 4.0.2
    cpe:2.3:o:google:android:4.0.2
  • Google Android Operating System 4.0.3
    cpe:2.3:o:google:android:4.0.3
  • Google Android Operating System 4.0.4
    cpe:2.3:o:google:android:4.0.4
  • Google Android Operating System 4.1
    cpe:2.3:o:google:android:4.1
  • Google Android Operating System 4.1.2
    cpe:2.3:o:google:android:4.1.2
  • Google Android Operating System 4.2 (Jelly Bean)
    cpe:2.3:o:google:android:4.2
  • Google Android Operating System 4.2.1
    cpe:2.3:o:google:android:4.2.1
  • Google Android Operating System 4.2.2
    cpe:2.3:o:google:android:4.2.2
  • Google Android Operating System 4.3
    cpe:2.3:o:google:android:4.3
  • Google Android Operating System 4.3.1
    cpe:2.3:o:google:android:4.3.1
  • Google Android Operating System 4.4
    cpe:2.3:o:google:android:4.4
  • Google Android Operating System 4.4.1
    cpe:2.3:o:google:android:4.4.1
  • Google Android Operating System 4.4.2
    cpe:2.3:o:google:android:4.4.2
  • Google Android Operating System 4.4.3
    cpe:2.3:o:google:android:4.4.3
  • Google Android Operating System 4.4.4
    cpe:2.3:o:google:android:4.4.4
CVSS
Base: 10.0 (as of 13-11-2012 - 14:50)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_FLASH_PLAYER_11_4_402_287.NASL
    description According to its version, the instance of Flash Player installed on the remote Mac OS X host is 11.x equal to or earlier than 11.4.402.264, or 10.x equal to or earlier than 10.3.183.23. It is, therefore, potentially affected by multiple vulnerabilities : - Several unspecified issues exist that can lead to buffer overflows and arbitrary code execution. (CVE-2012-5248, CVE-2012-5249, CVE-2012-5250, CVE-2012-5251, CVE-2012-5253, CVE-2012-5254, CVE-2012-5255, CVE-2012-5257, CVE-2012-5259, CVE-2012-5260, CVE-2012-5262, CVE-2012-5264, CVE-2012-5265, CVE-2012-5266, CVE-2012-5285, CVE-2012-5286, CVE-2012-5287) - Several unspecified issues exist that can lead to memory corruption and arbitrary code execution. (CVE-2012-5252, CVE-2012-5256, CVE-2012-5258, CVE-2012-5261, CVE-2012-5263, CVE-2012-5267, CVE-2012-5268, CVE-2012-5269, CVE-2012-5270, CVE-2012-5271, CVE-2012-5272) - An unspecified issue exists having unspecified impact. (CVE-2012-5673)
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 62482
    published 2012-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62482
    title Flash Player for Mac <= 10.3.183.23 / 11.4.402.265 Multiple Vulnerabilities (APSB12-22)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_36533A59277011E2BB44003067B2972C.NASL
    description Adobe reports : These vulnerabilities could cause a crash and potentially allow an attacker to take control of the affected system.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 62814
    published 2012-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62814
    title FreeBSD : linux-flashplugin -- multiple vulnerabilities (36533a59-2770-11e2-bb44-003067b2972c)
  • NASL family Windows
    NASL id FLASH_PLAYER_APSB12-22.NASL
    description According to its version, the instance of Flash Player installed on the remote Windows host is 11.x equal to or earlier than 11.4.402.278, or 10.x equal to or earlier than 10.3.183.23. It is, therefore, potentially affected by multiple vulnerabilities : - Several unspecified issues exist that can lead to buffer overflows and arbitrary code execution. (CVE-2012-5248, CVE-2012-5249, CVE-2012-5250, CVE-2012-5251, CVE-2012-5253, CVE-2012-5254, CVE-2012-5255, CVE-2012-5257, CVE-2012-5259, CVE-2012-5260, CVE-2012-5262, CVE-2012-5264, CVE-2012-5265, CVE-2012-5266, CVE-2012-5285, CVE-2012-5286, CVE-2012-5287) - Several unspecified issues exist that can lead to memory corruption and arbitrary code execution. (CVE-2012-5252, CVE-2012-5256, CVE-2012-5258, CVE-2012-5261, CVE-2012-5263, CVE-2012-5267, CVE-2012-5268, CVE-2012-5269, CVE-2012-5270, CVE-2012-5271, CVE-2012-5272) - An unspecified issue exists having unspecified impact. (CVE-2012-5673)
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 62480
    published 2012-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62480
    title Flash Player <= 10.3.183.23 / 11.4.402.278 Multiple Vulnerabilities (APSB12-22)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_ADOBE_AIR_3_4_0_2710.NASL
    description According to its version, the instance of Adobe AIR on the remote Mac OS X host is 3.4.0.2540 or earlier. It is, therefore, reportedly affected by multiple vulnerabilities : - Several unspecified issues exist that can lead to buffer overflows and arbitrary code execution. (CVE-2012-5248, CVE-2012-5249, CVE-2012-5250, CVE-2012-5251, CVE-2012-5253, CVE-2012-5254, CVE-2012-5255, CVE-2012-5257, CVE-2012-5259, CVE-2012-5260, CVE-2012-5262, CVE-2012-5264, CVE-2012-5265, CVE-2012-5266, CVE-2012-5285, CVE-2012-5286, CVE-2012-5287) - Several unspecified issues exist that can lead to memory corruption and arbitrary code execution. (CVE-2012-5252, CVE-2012-5256, CVE-2012-5258, CVE-2012-5261, CVE-2012-5263, CVE-2012-5267, CVE-2012-5268, CVE-2012-5269, CVE-2012-5270, CVE-2012-5271, CVE-2012-5272) - An unspecified issue exists having unspecified impact. (CVE-2012-5673)
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 62481
    published 2012-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62481
    title Adobe AIR for Mac 3.x <= 3.4.0.2540 Multiple Vulnerabilities (APSB12-22)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2012-1346.NASL
    description An updated Adobe Flash Player package that fixes several security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes several vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB12-22, listed in the References section. Specially crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. (CVE-2012-5248, CVE-2012-5249, CVE-2012-5250, CVE-2012-5251, CVE-2012-5252, CVE-2012-5253, CVE-2012-5254, CVE-2012-5255, CVE-2012-5256, CVE-2012-5257, CVE-2012-5258, CVE-2012-5259, CVE-2012-5260, CVE-2012-5261, CVE-2012-5262, CVE-2012-5263, CVE-2012-5264, CVE-2012-5265, CVE-2012-5266, CVE-2012-5267, CVE-2012-5268, CVE-2012-5269, CVE-2012-5270, CVE-2012-5271, CVE-2012-5272) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.243.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 62471
    published 2012-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62471
    title RHEL 5 / 6 : flash-plugin (RHSA-2012:1346)
  • NASL family Windows
    NASL id SMB_KB2758994.NASL
    description The remote host is missing KB2758994. It may, therefore, be affected by the following vulnerabilities related to the installed version of the Adobe Flash ActiveX control : - Multiple memory corruption errors exist that could lead to code execution. (CVE-2012-5248, CVE-2012-5249, CVE-2012-5250, CVE-2012-5251, CVE-2012-5252, CVE-2012-5256, CVE-2012-5258, CVE-2012-5261, CVE-2012-5263, CVE-2012-5267, CVE-2012-5268, CVE-2012-5269, CVE-2012-5270, CVE-2012-5271, CVE-2012-5272) - Multiple buffer overflow errors exist that could lead to code execution. (CVE-2012-5248, CVE-2012-5249, CVE-2012-5250, CVE-2012-5251, CVE-2012-5253, CVE-2012-5254, CVE-2012-5255, CVE-2012-5257, CVE-2012-5259, CVE-2012-5260, CVE-2012-5262, CVE-2012-5264, CVE-2012-5265, CVE-2012-5266, CVE-2012-5285, CVE-2012-5286, CVE-2012-5287) - An unspecified issue exists having unspecified impact. (CVE-2012-5673)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 62467
    published 2012-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62467
    title MS KB2758994: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10
  • NASL family Windows
    NASL id ADOBE_AIR_APSB12-22.NASL
    description According to its version, the instance of Adobe AIR on the remote Windows host is 3.4.0.2540 or earlier. It is, therefore, reportedly affected by multiple vulnerabilities : - Several unspecified issues exist that can lead to buffer overflows and arbitrary code execution. (CVE-2012-5248, CVE-2012-5249, CVE-2012-5250, CVE-2012-5251, CVE-2012-5253, CVE-2012-5254, CVE-2012-5255, CVE-2012-5257, CVE-2012-5259, CVE-2012-5260, CVE-2012-5262, CVE-2012-5264, CVE-2012-5265, CVE-2012-5266, CVE-2012-5285, CVE-2012-5286, CVE-2012-5287) - Several unspecified issues exist that can lead to memory corruption and arbitrary code execution. (CVE-2012-5252, CVE-2012-5256, CVE-2012-5258, CVE-2012-5261, CVE-2012-5263, CVE-2012-5267, CVE-2012-5268, CVE-2012-5269, CVE-2012-5270, CVE-2012-5271, CVE-2012-5272) - An unspecified issue exists having unspecified impact. (CVE-2012-5673)
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 62479
    published 2012-10-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=62479
    title Adobe AIR 3.x <= 3.4.0.2540 Multiple Vulnerabilities (APSB12-22)
redhat via4
advisories
bugzilla
id 864284
title flash-plugin: multiple code-execution flaws (APSB12-22)
oval
AND
  • comment flash-plugin is earlier than 0:11.2.202.243-1.el6
    oval oval:com.redhat.rhsa:tst:20121346005
  • comment flash-plugin is signed with Red Hat redhatrelease2 key
    oval oval:com.redhat.rhsa:tst:20100867006
  • OR
    • comment Red Hat Enterprise Linux 6 Client is installed
      oval oval:com.redhat.rhsa:tst:20100842001
    • comment Red Hat Enterprise Linux 6 Server is installed
      oval oval:com.redhat.rhsa:tst:20100842002
    • comment Red Hat Enterprise Linux 6 Workstation is installed
      oval oval:com.redhat.rhsa:tst:20100842003
    • comment Red Hat Enterprise Linux 6 ComputeNode is installed
      oval oval:com.redhat.rhsa:tst:20100842004
rhsa
id RHSA-2012:1346
released 2012-10-09
severity Critical
title RHSA-2012:1346: flash-plugin security update (Critical)
rpms flash-plugin-0:11.2.202.243-1.el6
refmap via4
bid 56377
confirm http://www.adobe.com/support/security/bulletins/apsb12-22.html
osvdb 86877
xf adobe-cve20125673-code-exec(79773)
Last major update 19-08-2013 - 23:18
Published 13-11-2012 - 08:39
Last modified 04-12-2018 - 12:58
Back to Top