Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:A145AC40B5A9B854E5E8028916AEE025
HistoryJun 29, 2012 - 12:00 a.m.

Adobe Flash Player Object Confusion Code Execution

2012-06-2900:00:00
SAINT Corporation
www.saintcorporation.com
19

0.776 High

EPSS

Percentile

97.9%

JSON

Added: 06/29/2012
CVE: CVE-2012-0779
BID: 53395
OSVDB: 81656

Background

Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages.

Problem

Adobe Flash Player 11.2.202.233 (and earlier) on Windows is vulnerable to an “object confusion” vulnerability. A remote attacker who convinces a user with the vulnerable Flash Player to open a specially crafted file could exploit this issue to execute arbitrary code in the context of the user running the affected application.

Resolution

Update to Flash Player 11.2.202.235 or newer on Windows systems.

References

<http://www.adobe.com/support/security/bulletins/apsb12-09.html&gt;
<http://blogs.technet.com/b/mmpc/archive/2012/05/24/a-technical-analysis-of-adobe-flash-player-cve-2012-0779-vulnerability.aspx&gt;

Limitations

This exploit has been tested against Adobe Systems Flash Player 11.2.202.233 on Microsoft Windows XP SP3 English (DEP OptIn) and Microsoft Windows 7 SP1 (DEP OptIn).

The HTML page must be opened using Firefox 12 (only on Windows XP) or Internet Explorer 7, 8, or 9 on the target.

JRE 6 must be installed on Windows 7.

Platforms

Windows

Related

checkpoint_advisories 1
seebug 2
openvas 10
nessus 7
metasploit 1
redhat 1
suse 3
symantec 1
prion 1
saint 3
packetstorm 1
cve 1
ubuntucve 1
securityvulns 1
threatpost 3
cvelist 1
exploitdb 1
thn 1
gentoo 1
myhack58 1
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Object Confusion Code Execution (APSB12-09; CVE-2012-0779)
2012-05-14 00:00:00
seebug
seebug
Adobe Flash Player Object Type Confusion
2014-07-01 00:00:00
Adobe Flash Player对象类型混淆远程代码执行漏洞(CVE-2012-0779)
2012-05-09 00:00:00
openvas
openvas
Adobe Flash Player Object Confusion Remote Code Execution Vulnerability - Mac OS X
2012-05-08 00:00:00
Adobe Flash Player Object Confusion Remote Code Execution Vulnerability (Windows)
2012-05-08 00:00:00
openSUSE: Security Advisory for update (openSUSE-SU-2012:0594-1)
2012-12-13 00:00:00
nessus
nessus
Flash Player for Mac <= 10.3.183.18 / 11.2.202.233 Object Confusion Vulnerability (APSB12-09)
2012-05-04 00:00:00
Flash Player <= 10.3.183.18 / 11.2.202.233 Object Confusion Vulnerability (APSB12-09)
2012-05-04 00:00:00
openSUSE Security Update : flash-player (openSUSE-SU-2012:0594-1)
2014-06-13 00:00:00
metasploit
metasploit
Adobe Flash Player Object Type Confusion
2012-06-22 22:21:18
redhat
redhat
(RHSA-2012:0688) Critical: flash-plugin security update
2012-05-23 00:00:00
suse
suse
update for flash-player (critical)
2012-05-08 14:08:27
Security update for flash-player (critical)
2012-05-08 17:08:45
Security update for flash-player (critical)
2012-05-20 03:08:21
symantec
symantec
Adobe Flash Player CVE-2012-0779 Object Type Confusion Remote Code Execution Vulnerability
2012-05-04 00:00:00
prion
prion
Design/Logic Flaw
2012-05-04 19:55:00
saint
saint
Adobe Flash Player Object Confusion Code Execution
2012-06-29 00:00:00
Adobe Flash Player Object Confusion Code Execution
2012-06-29 00:00:00
Adobe Flash Player Object Confusion Code Execution
2012-06-29 00:00:00
packetstorm
packetstorm
Adobe Flash Player Object Type Confusion
2012-06-23 00:00:00
cve
cve
CVE-2012-0779
2012-05-04 19:55:00
ubuntucve
ubuntucve
CVE-2012-0779
2012-05-04 00:00:00
securityvulns
securityvulns
Adobe Flash Player memory corruption
2012-05-09 00:00:00
threatpost
threatpost
Adobe Releases Patch for Flash Bug Being Used in Targeted Attacks
2012-05-04 15:58:21
Report: Strategic Web Compromises Behind Recent Hack of Amnesty, Others
2012-05-16 21:01:53
'Elderwood' Crew, Tied to Google Aurora Attack, Targeting Defense, Energy, Finance Companies
2012-09-07 14:41:30
cvelist
cvelist
CVE-2012-0779
2012-05-04 19:00:00
exploitdb
exploitdb
Adobe Flash Player - Object Type Confusion (Metasploit)
2012-06-25 00:00:00
thn
thn
Operation Aurora - Other Zero-Day Attacks targeting finance and Energy
2012-09-08 08:36:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2012-06-23 00:00:00
myhack58
myhack58
The macro perspective of the office vulnerability, 2010-2018-a vulnerability warning-the black bar safety net
2019-06-13 00:00:00

0.776 High

EPSS

Percentile

97.9%

JSON
Related for SAINT:A145AC40B5A9B854E5E8028916AEE025
checkpoint_advisories1seebug2openvas10nessus7metasploit1redhat1suse3symantec1prion1saint3packetstorm1cve1ubuntucve1securityvulns1threatpost3cvelist1exploitdb1thn1gentoo1myhack581