Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations | |||
---|---|---|---|
Name | CVE-2012-5054 | First vendor Publication | 2012-09-24 |
Vendor | Cve | Last vendor Modification | 2018-10-30 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5054 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:20880 | |||
Oval ID: | oval:org.mitre.oval:def:20880 | ||
Title: | Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 and Adobe AIR before 3.4.0.2540 on Windows, allow attackers to cause a denial of service (application crash) by leveraging a logic error during handling of Firefox dialogs | ||
Description: | Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5054 | Version: | 11 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Adobe Flash Player Adobe Air |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21289 | |||
Oval ID: | oval:org.mitre.oval:def:21289 | ||
Title: | RHSA-2012:1173: flash-plugin security update (Critical) | ||
Description: | Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1173-01 CVE-2012-1535 CVE-2012-4163 CVE-2012-4164 CVE-2012-4165 CVE-2012-4166 CVE-2012-4167 CVE-2012-4168 CVE-2012-5054 | Version: | 107 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | flash-plugin |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:23957 | |||
Oval ID: | oval:org.mitre.oval:def:23957 | ||
Title: | ELSA-2012:1173: flash-plugin security update (Critical) | ||
Description: | Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:1173-01 CVE-2012-1535 CVE-2012-4163 CVE-2012-4164 CVE-2012-4165 CVE-2012-4166 CVE-2012-4167 CVE-2012-4168 CVE-2012-5054 | Version: | 37 |
Platform(s): | Oracle Linux 6 | Product(s): | flash-plugin |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-09-03 | Name : Adobe Flash Player Multiple Vulnerabilities - Sep12 (Linux) File : nvt/gb_adobe_flash_player_mult_vuln_sep12_lin.nasl |
2012-08-24 | Name : Adobe Flash Player Multiple Vulnerabilities -01 August 12 (Mac OS X) File : nvt/gb_adobe_prdts_mult_vuln01_aug12_macosx.nasl |
2012-08-24 | Name : Adobe Flash Player Multiple Vulnerabilities -01 August 12 (Windows) File : nvt/gb_adobe_prdts_mult_vuln01_aug12_win.nasl |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt RuleID : 28745 - Revision : 7 - Type : FILE-FLASH |
2014-01-10 | Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt RuleID : 28744 - Revision : 7 - Type : FILE-FLASH |
2014-01-10 | Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt RuleID : 24245 - Revision : 10 - Type : FILE-FLASH |
2014-01-10 | Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt RuleID : 24244 - Revision : 10 - Type : FILE-FLASH |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-01-24 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2012-1203.nasl - Type : ACT_GATHER_INFO |
2012-09-21 | Name : The remote host has an ActiveX control installed with multiple vulnerabilities. File : smb_kb2755399.nasl - Type : ACT_GATHER_INFO |
2012-08-22 | Name : The remote Windows host has a browser plugin that is affected by multiple vul... File : flash_player_apsb12-19.nasl - Type : ACT_GATHER_INFO |
2012-08-22 | Name : The remote Mac OS X host has a browser plugin that is affected by a remote co... File : macosx_flash_player_11_4_402_265.nasl - Type : ACT_GATHER_INFO |
2012-08-16 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2012-1173.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:21:53 |
|
2021-04-22 01:26:02 |
|
2020-05-23 01:49:56 |
|
2020-05-23 00:34:53 |
|
2019-07-18 12:04:48 |
|
2019-06-18 12:04:34 |
|
2019-06-15 12:04:49 |
|
2018-10-31 00:20:21 |
|
2018-10-30 12:05:20 |
|
2018-03-09 12:01:08 |
|
2017-09-08 12:03:24 |
|
2017-08-29 09:24:03 |
|
2016-11-05 12:03:13 |
|
2016-10-18 12:02:51 |
|
2016-10-15 01:01:01 |
|
2016-09-22 12:01:18 |
|
2016-07-16 12:00:55 |
|
2016-06-28 22:05:50 |
|
2016-04-26 22:20:54 |
|
2014-02-17 11:13:44 |
|
2014-01-19 21:28:55 |
|
2013-05-30 13:23:23 |
|
2013-05-10 22:47:17 |
|