CVE-2012-2034

2012-06-0900:55:00

CWE-119

[email protected]

web.nvd.nist.gov

913

In Wild

adobe

flash player

adobe air

cve-2012-2034

vulnerability

arbitrary code execution

denial of service

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.014 Low

EPSS

Percentile

86.5%

JSON

Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2037.

CPENameOperatorVersion
adobe:flash_playeradobe flash playerle11.2.202.235
adobe:flash_playeradobe flash playerle11.1.115.8
adobe:flash_playeradobe flash playerle11.1.111.9
adobe:airadobe airle3.2.0.2070
suse:linux_enterprise_desktopsuse linux enterprise desktopeq11
opensuse:opensuseopensuseeq11.4
suse:linux_enterprise_desktopsuse linux enterprise desktopeq10
opensuse:opensuseopensuseeq12.1
redhat:enterprise_linux_serverredhat enterprise linux servereq5.0
redhat:enterprise_linux_server_ausredhat enterprise linux server auseq6.2

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	le	11.2.202.235
adobe:flash_player	adobe flash player	le	11.1.115.8
adobe:flash_player	adobe flash player	le	11.1.111.9
adobe:air	adobe air	le	3.2.0.2070
suse:linux_enterprise_desktop	suse linux enterprise desktop	eq	11
opensuse:opensuse	opensuse	eq	11.4
suse:linux_enterprise_desktop	suse linux enterprise desktop	eq	10
opensuse:opensuse	opensuse	eq	12.1
redhat:enterprise_linux_server	redhat enterprise linux server	eq	5.0
redhat:enterprise_linux_server_aus	redhat enterprise linux server aus	eq	6.2