Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-201204-07
HistoryApr 17, 2012 - 12:00 a.m.

Adobe Flash Player: Multiple vulnerabilities

2012-04-1700:00:00
Gentoo Foundation
security.gentoo.org
17

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.973 High

EPSS

Percentile

99.9%

JSON

Background

The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites.

Description

Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details.

Impact

A remote attacker could entice a user to open a specially crafted SWF file, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to bypass intended access restrictions, bypass cross-domain policy, inject arbitrary web script, or obtain sensitive information.

Workaround

There is no known workaround at this time.

Resolution

All Adobe Flash Player users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose
 ">=www-plugins/adobe-flash-11.2.202.228"
OSVersionArchitecturePackageVersionFilename
Gentooanyallwww-plugins/adobe-flash< 11.2.202.228UNKNOWN

Related

openvas 31
nessus 40
freebsd 3
suse 12
redhat 4
securityvulns 9
prion 21
cve 18
ubuntucve 19
threatpost 6
seebug 5
checkpoint_advisories 18
symantec 2
canvas 1
metasploit 1
saint 4
cisa_kev 1
attackerkb 1
zdi 2
packetstorm 1
openvas
openvas
Gentoo Security Advisory GLSA 201204-07 (Adobe Flash Player)
2012-04-30 00:00:00
Gentoo Security Advisory GLSA 201204-07 (Adobe Flash Player)
2012-04-30 00:00:00
FreeBSD Ports: linux-f10-flashplugin
2012-02-13 00:00:00
nessus
nessus
GLSA-201204-07 : Adobe Flash Player: Multiple vulnerabilities
2012-06-21 00:00:00
Oracle Solaris Third-Party Patch Update : flash (multiple_vulnerabilities_in_adobe_flashplayer4)
2015-01-19 00:00:00
Adobe AIR <= 3.0 Multiple Vulnerabilities (APSB11-28)
2011-11-28 00:00:00
freebsd
freebsd
linux-flashplugin -- multiple vulnerabilities
2011-11-10 00:00:00
linux-flashplugin -- multiple vulnerabilities
2012-02-15 00:00:00
linux-flashplugin -- multiple vulnerabilities
2012-03-05 00:00:00
suse
suse
Security update for flash-player (critical)
2011-11-15 16:08:21
remote code execution in flash-player
2011-11-17 11:56:32
VUL-0: flash-player: sec. update to version 11.1.102.55 (critical)
2011-11-16 17:08:30
redhat
redhat
(RHSA-2011:1445) Critical: flash-plugin security update
2011-11-11 00:00:00
(RHSA-2012:0144) Critical: flash-plugin security update
2012-02-17 00:00:00
(RHSA-2012:0359) Critical: flash-plugin security update
2012-03-06 00:00:00
securityvulns
securityvulns
Adobe Flash Player multiple security vulnerabilities
2011-12-26 00:00:00
http://www.adobe.com/support/security/bulletins/apsb12-03.html
2012-02-16 00:00:00
Adobe Flash Player multiple security vulnerabilities
2012-06-13 00:00:00
prion
prion
Memory corruption
2011-11-11 16:55:00
Memory corruption
2011-11-11 16:55:00
Memory corruption
2011-11-11 16:55:00
cve
cve
CVE-2011-2455
2011-11-11 16:55:00
CVE-2011-2451
2011-11-11 16:55:00
CVE-2011-2454
2011-11-11 16:55:00
ubuntucve
ubuntucve
CVE-2011-2451
2011-11-11 00:00:00
CVE-2011-2445
2011-11-11 00:00:00
CVE-2011-2460
2011-11-11 00:00:00
threatpost
threatpost
Adobe Issues Emergency Fix For Flash Player Vulnerabilities
2012-03-05 20:23:24
Paul Judge on Measuring the Hotness of Security
2012-03-05 18:24:07
Months After A Patch, Targeted Attacks Still Using Adobe Flash Bug
2012-05-23 19:12:04
seebug
seebug
Adobe Flash Player远程内存破坏漏洞(CVE-2012-0752)
2012-02-16 00:00:00
Adobe Flash Player跨域安全限制绕过漏洞
2011-11-16 00:00:00
Adobe Flash Player 远程代码执行漏洞(CVE-2012-0768)
2012-03-06 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player ActionScript2 Stack Buffer Overflow (APSB11-28; CVE-2011-2457)
2011-11-22 00:00:00
Adobe Flash Player Layered Animation Object Buffer Overflow (APSB11-28; CVE-2011-2460)
2011-11-29 00:00:00
Adobe Flash Player Overlapping Records Memory Corruption (APSB11-28; CVE-2011-2453)
2011-11-29 00:00:00
symantec
symantec
Adobe Flash Player CVE-2011-2452 Remote Memory Corruption Vulnerability
2011-11-09 00:00:00
Adobe Flash Player CVE-2012-0754 Remote Memory Corruption Vulnerability
2012-02-15 00:00:00
canvas
canvas
Immunity Canvas: ADOBE_FLASH_MP4_CPRT
2012-02-16 19:55:00
metasploit
metasploit
Adobe Flash Player MP4 'cprt' Overflow
2012-03-09 00:56:58
saint
saint
Adobe Flash Player MP4 Copyright Statement Overflow
2012-03-08 00:00:00
Adobe Flash Player MP4 Copyright Statement Overflow
2012-03-08 00:00:00
Adobe Flash Player MP4 Copyright Statement Overflow
2012-03-08 00:00:00
cisa_kev
cisa_kev
Adobe Flash Player Memory Corruption Vulnerability
2022-06-08 00:00:00
attackerkb
attackerkb
CVE-2012-0754
2012-02-16 00:00:00
zdi
zdi
Adobe Flash Player MP4 Stream Decoding Remote Code Execution Vulnerability
2012-06-06 00:00:00
Adobe Flash ASconstructor Function Call Remote Code Execution Vulnerability
2012-03-22 00:00:00
packetstorm
packetstorm
Adobe Flash Player .mp4 'cprt' Overflow
2012-03-08 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.973 High

EPSS

Percentile

99.9%

JSON
Related for GLSA-201204-07
openvas31nessus40freebsd3suse12redhat4securityvulns9prion21cve18ubuntucve19threatpost6seebug5checkpoint_advisories18symantec2canvas1metasploit1saint4cisa_kev1attackerkb1zdi2packetstorm1