CVE-2012-4174
UnknownEPSS 9.57%
Last modified
CVE-2012-4174 is a vulnerability of currently unknown severity. Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4172, CVE-2012-4173, CVE-2012-4175, and CVE-2012-5273.. EPSS estimates a 9.57% chance of exploitation in the next 30 days.
Description
Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4172, CVE-2012-4173, CVE-2012-4175, and CVE-2012-5273.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Adobe | Shockwave Player | <= 11.6.7.637 |
| Adobe | Shockwave Player | 1.0 |
| Adobe | Shockwave Player | 2.0 |
| Adobe | Shockwave Player | 3.0 |
| Adobe | Shockwave Player | 4.0 |
| Adobe | Shockwave Player | 5.0 |
| Adobe | Shockwave Player | 6.0 |
| Adobe | Shockwave Player | 8.0 |
| Adobe | Shockwave Player | 8.0.196 |
| Adobe | Shockwave Player | 8.0.196a |
| Adobe | Shockwave Player | 8.0.204 |
| Adobe | Shockwave Player | 8.0.205 |
| Adobe | Shockwave Player | 8.5.1 |
| Adobe | Shockwave Player | 8.5.1.100 |
| Adobe | Shockwave Player | 8.5.1.103 |
| Adobe | Shockwave Player | 8.5.1.105 |
| Adobe | Shockwave Player | 8.5.1.106 |
| Adobe | Shockwave Player | 8.5.321 |
| Adobe | Shockwave Player | 8.5.323 |
| Adobe | Shockwave Player | 8.5.324 |
| Adobe | Shockwave Player | 8.5.325 |
| Adobe | Shockwave Player | 9.0.383 |
| Adobe | Shockwave Player | 9.0.432 |
| Adobe | Shockwave Player | 10.0.0.210 |
| Adobe | Shockwave Player | 10.0.1.004 |
| Adobe | Shockwave Player | 10.1.0.11 |
| Adobe | Shockwave Player | 10.1.0.011 |
| Adobe | Shockwave Player | 10.1.1.016 |
| Adobe | Shockwave Player | 10.1.4.020 |
| Adobe | Shockwave Player | 10.2.0.021 |
| Adobe | Shockwave Player | 10.2.0.022 |
| Adobe | Shockwave Player | 10.2.0.023 |
| Adobe | Shockwave Player | 11.0.0.456 |
| Adobe | Shockwave Player | 11.0.3.471 |
| Adobe | Shockwave Player | 11.5.0.595 |
| Adobe | Shockwave Player | 11.5.0.596 |
| Adobe | Shockwave Player | 11.5.1.601 |
| Adobe | Shockwave Player | 11.5.2.602 |
| Adobe | Shockwave Player | 11.5.6.606 |
| Adobe | Shockwave Player | 11.5.7.609 |
| Adobe | Shockwave Player | 11.5.8.612 |
| Adobe | Shockwave Player | 11.5.9.615 |
| Adobe | Shockwave Player | 11.5.9.620 |
| Adobe | Shockwave Player | 11.5.10.620 |
| Adobe | Shockwave Player | 11.6.0.626 |
| Adobe | Shockwave Player | 11.6.1.629 |
| Adobe | Shockwave Player | 11.6.3.633 |
| Adobe | Shockwave Player | 11.6.4.634 |
| Adobe | Shockwave Player | 11.6.5.635 |
| Adobe | Shockwave Player | 11.6.6.636 |
References
- http://www.adobe.com/support/security/bulletins/apsb12-23.htmlPatch, Vendor Advisory
- http://www.kb.cert.org/vuls/id/872545US Government Resource
- http://www.adobe.com/support/security/bulletins/apsb12-23.htmlPatch, Vendor Advisory
- http://www.kb.cert.org/vuls/id/872545US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2012-4174?
Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4172, CVE-2012-4173, CVE-2012-4175, and CVE-2012-5273.
How severe is CVE-2012-4174?
Severity scoring for CVE-2012-4174 is pending analysis. The EPSS model estimates a 9.57% probability of exploitation in the next 30 days.
How do I fix CVE-2012-4174?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2012-4174?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST