Ubuntu.comUB:CVE-2012-5054CVE-2012-5054
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.433 Medium
EPSS
Percentile
97.4%
Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe
Flash Player before 11.4.402.265 allows remote attackers to execute
arbitrary code via malformed arguments.
Notes
| Author | Note |
|---|---|
| seth-arnold | โUsers of Adobe Flash Player 11.2.202.236 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.238.โ 11.3 and higher are for Windows and Mac OS X only. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | flashplugin-nonfree | <ย 11.2.202.238ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 11.04 | noarch | flashplugin-nonfree | <ย 11.2.202.238ubuntu0.11.04.1 | UNKNOWN |
| ubuntu | 11.10 | noarch | flashplugin-nonfree | <ย 11.2.202.238ubuntu0.11.10.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | flashplugin-nonfree | <ย 11.2.202.238ubuntu0.12.04.1 | UNKNOWN |
References
packetstormsecurity.org/files/116435/Adobe-Flash-Player-Matrix3D-Integer-Overflow-Code-Execution.html
www.adobe.com/support/security/bulletins/apsb12-19.html
www.vupen.com/english/services/ba-index.php
launchpad.net/bugs/cve/CVE-2012-5054
nvd.nist.gov/vuln/detail/CVE-2012-5054
security-tracker.debian.org/tracker/CVE-2012-5054
www.cve.org/CVERecord?id=CVE-2012-5054
Related
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.433 Medium
EPSS
Percentile
97.4%