CVE-2012-0779

2012-05-0419:55:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

124

cve-2012-0779

adobe flash player

remote code execution

vulnerability

nvd

windows

mac os x

linux

android

7.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.735 High

EPSS

Percentile

98.1%

JSON

Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows, Mac OS X, and Linux; before 11.1.111.9 on Android 2.x and 3.x; and before 11.1.115.8 on Android 4.x allows remote attackers to execute arbitrary code via a crafted file, related to an “object confusion vulnerability,” as exploited in the wild in May 2012.

CPENameOperatorVersion
adobe:flash_playeradobe flash playerlt10.3.183.19
adobe:flash_playeradobe flash playerle11.2.202.233
adobe:flash_playeradobe flash playerle11.1.111.8
adobe:flash_playeradobe flash playerle11.1.115.7

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	lt	10.3.183.19
adobe:flash_player	adobe flash player	le	11.2.202.233
adobe:flash_player	adobe flash player	le	11.1.111.8
adobe:flash_player	adobe flash player	le	11.1.115.7