Strix
26.1K

CVE-2012-5260

UnknownEPSS 7.27%

Last modified

CVE-2012-5260 is a vulnerability of currently unknown severity. Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.. EPSS estimates a 7.27% chance of exploitation in the next 30 days.

Description

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.

Metrics

EPSS Probability
7.27%

93.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
AdobeFlash Player<= 10.3.183.25
AdobeFlash Player10.1.85.3
AdobeFlash Player10.1.102.64
AdobeFlash Player10.2.152.26
AdobeFlash Player10.2.152.32
AdobeFlash Player10.2.153.1
AdobeFlash Player10.2.159.1
AdobeFlash Player10.3.181.14
AdobeFlash Player10.3.181.16
AdobeFlash Player10.3.181.22
AdobeFlash Player10.3.181.26
AdobeFlash Player10.3.181.34
AdobeFlash Player10.3.183.5
AdobeFlash Player10.3.183.7
AdobeFlash Player10.3.183.10
AdobeFlash Player10.3.183.11
AdobeFlash Player10.3.183.15
AdobeFlash Player10.3.183.16
AdobeFlash Player10.3.183.18
AdobeFlash Player10.3.183.20
AdobeFlash Player10.3.183.23
AdobeFlash Player11.0.1.152
AdobeFlash Player11.1.102.55
AdobeFlash Player11.1.102.62
AdobeFlash Player11.1.102.63
AdobeFlash Player11.2.202.223
AdobeFlash Player11.2.202.228
AdobeFlash Player11.2.202.233
AdobeFlash Player11.2.202.235
AdobeFlash Player11.2.202.238
AdobeFlash Player11.2.202.243
AdobeFlash Player11.3.300.257
AdobeFlash Player11.3.300.262
AdobeFlash Player11.3.300.265
AdobeFlash Player11.3.300.268
AdobeFlash Player11.3.300.271
AdobeFlash Player11.3.300.273
AdobeFlash Player11.4.402.265
AdobeFlash Player11.4.402.278
AdobeFlash Player For Android<= 11.1.111.16
AdobeFlash Player For Android10.1.106.17
AdobeFlash Player For Android10.2.157.51
AdobeFlash Player For Android10.3.186.7
AdobeFlash Player For Android11.0.1.153
AdobeFlash Player For Android11.1.102.59
AdobeFlash Player For Android11.1.111.5
AdobeFlash Player For Android11.1.111.7
AdobeFlash Player For Android11.1.111.8
AdobeFlash Player For Android11.1.111.9
AdobeFlash Player For Android11.1.111.10

Showing 50 of 98 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2012-5260?
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.
How severe is CVE-2012-5260?
Severity scoring for CVE-2012-5260 is pending analysis. The EPSS model estimates a 7.27% probability of exploitation in the next 30 days.
How do I fix CVE-2012-5260?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2012-5260?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST