CVE-2012-1535

2012-08-1510:31:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

844

In Wild

cve-2012-1535

adobe flash player

vulnerability

remote code execution

denial of service

swf content

nvd

exploit

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.937 High

EPSS

Percentile

99.1%

JSON

Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted SWF content, as exploited in the wild in August 2012 with SWF content in a Word document.

CPENameOperatorVersion
adobe:flash_playeradobe flash playerle11.3.300.270
adobe:flash_playeradobe flash playereq2
adobe:flash_playeradobe flash playereq3
adobe:flash_playeradobe flash playereq4
adobe:flash_playeradobe flash playereq5
adobe:flash_playeradobe flash playereq6
adobe:flash_playeradobe flash playereq6.0.21.0
adobe:flash_playeradobe flash playereq6.0.79
adobe:flash_playeradobe flash playereq7.0
adobe:flash_playeradobe flash playereq7.0.1

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	le	11.3.300.270
adobe:flash_player	adobe flash player	eq	2
adobe:flash_player	adobe flash player	eq	3
adobe:flash_player	adobe flash player	eq	4
adobe:flash_player	adobe flash player	eq	5
adobe:flash_player	adobe flash player	eq	6
adobe:flash_player	adobe flash player	eq	6.0.21.0
adobe:flash_player	adobe flash player	eq	6.0.79
adobe:flash_player	adobe flash player	eq	7.0
adobe:flash_player	adobe flash player	eq	7.0.1