ID

VAR-201202-0247


CVE

CVE-2012-0751


TITLE

Adobe Flash Player of ActiveX Vulnerability in arbitrary code execution in control

Trust: 0.8

sources: JVNDB: JVNDB-2012-001498

DESCRIPTION

The ActiveX control in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Flash Player is prone to an unspecified remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. ---------------------------------------------------------------------- Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch ---------------------------------------------------------------------- TITLE: Google Chrome Multiple Vulnerabilities SECUNIA ADVISORY ID: SA48265 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48265/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48265 RELEASE DATE: 2012-03-05 DISCUSS ADVISORY: http://secunia.com/advisories/48265/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/48265/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=48265 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Google Chrome, where one has an unknown impact and others can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system. 1) A use-after-free error exists within v8 element wrapper handling. 2) A use-after-free error exists within SVG value handling. 3) A buffer overflow exists within the Skia drawing library. 4) A use-after-free error exists within SVG document handling. 5) A use-after-free error exists within SVG use handling. 6) A casting error exists within line box handling. 7) A casting error exists within anonymous block splitting. 8) A use-after-free error exists within multi-column handling. 9) A use-after-free error exists within quote handling. 10) An out-of-bounds read error exists within text handling. 11) A use-after-free error exists within class attribute handling. 12) A use-after-free error exists within table section handling. 13) A use-after-free error exists within flexbox with floats handling. 14) A use-after-free error exists within SVG animation elements handling. For more information: SA48033 SOLUTION: Update to version 17.0.963.65. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Chamal de Silva 2, 4, 5, 14) Arthur Gerkis 3) Aki Helin, OUSPG 6, 7, 8, 9, 10, 11, 12, 13) miaubiz ORIGINAL ADVISORY: http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . ---------------------------------------------------------------------- Secunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March Listen to our Chief Security Specialist, Research Analyst Director, and Director Product Management & Quality Assurance discuss the industry's key topics. Also, visit the Secunia stand #817. 1) An unspecified error in an ActiveX Control can be exploited to corrupt memory. 2) A type confusion error can be exploited to corrupt memory. 3) An unspecified error related to MP4 parsing can be exploited to corrupt memory. 4) An unspecified error can be exploited to corrupt memory. 5) An unspecified error can be exploited to bypass certain security restrictions. 6) An unspecified error can be exploited to bypass certain security restrictions. Successful exploitation of the vulnerabilities #1 through #6 may allow execution of arbitrary code. 7) Certain unspecified input is not properly sanitised before being returned to the user. NOTE: This vulnerability is reportedly being actively exploited in targeted attacks

Trust: 2.16

sources: NVD: CVE-2012-0751 // JVNDB: JVNDB-2012-001498 // BID: 52037 // VULHUB: VHN-54032 // PACKETSTORM: 110463 // PACKETSTORM: 109859

AFFECTED PRODUCTS

vendor:adobemodel:flash playerscope:ltversion:11.1.102.62

Trust: 1.0

vendor:adobemodel:flash playerscope:ltversion:10.3.183.15

Trust: 1.0

vendor:adobemodel:flash playerscope:gteversion:11.0

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:11.1.102.62

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:11.x

Trust: 0.8

vendor:adobemodel:flash playerscope:eqversion:7

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:6

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:7.0.1

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:3

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:7.0

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:4

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:2

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:6.0.79

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:6.0.21.0

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:5

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:10.3.185.21

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.22

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.3218

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.12.35

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.0.1.152

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.15.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.21

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.157.51

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.53.64

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.26

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.14

Trust: 0.3

vendor:adobemodel:flash playerscope:neversion:11.1.102.62

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.25

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.92.8

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.4

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.159.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.102.55

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.25

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.34

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.52.15

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.23

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp1 for sp2scope:eqversion:11

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.105.6

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.32

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.95.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.24

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.156.12

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.16

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.2

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.95.2

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.42.34

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.33

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.22

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.22.87

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.51.66

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.13

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.4

Trust: 0.3

vendor:adobemodel:flash player release candidascope:eqversion:10.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.85.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.27

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp1scope:eqversion:11

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.18

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.28

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.23

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.82.76

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.52.14.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.32.18

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.153.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.5

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.92.10

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.106.16

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.452

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.102.65

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.12.36

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.10

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.6

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.102.64

Trust: 0.3

sources: BID: 52037 // JVNDB: JVNDB-2012-001498 // CNNVD: CNNVD-201202-319 // NVD: CVE-2012-0751

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-0751
value: HIGH

Trust: 1.0

NVD: CVE-2012-0751
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201202-319
value: CRITICAL

Trust: 0.6

VULHUB: VHN-54032
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2012-0751
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-54032
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-54032 // JVNDB: JVNDB-2012-001498 // CNNVD: CNNVD-201202-319 // NVD: CVE-2012-0751

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

sources: VULHUB: VHN-54032 // NVD: CVE-2012-0751

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201202-319

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201202-319

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-001498

PATCH

title:APSB12-03url:http://www.adobe.com/support/security/bulletins/apsb12-03.html

Trust: 0.8

title:APSB12-03url:http://www.adobe.com/jp/support/security/bulletins/apsb12-03.html

Trust: 0.8

title:APSB12-03 (cpsid_93112)url:http://kb2.adobe.com/jp/cps/931/cpsid_93112.html

Trust: 0.8

title:アドビ システムズ社 Adobe Flash Player の脆弱性に関するお知らせurl:http://www.fmworld.net/biz/common/adobe/20120217f.html

Trust: 0.8

title:Adobe Flash Player Repair measures for memory corruption vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=223264

Trust: 0.6

sources: JVNDB: JVNDB-2012-001498 // CNNVD: CNNVD-201202-319

EXTERNAL IDS

db:NVDid:CVE-2012-0751

Trust: 2.8

db:SECUNIAid:48265

Trust: 1.8

db:JVNDBid:JVNDB-2012-001498

Trust: 0.8

db:CNNVDid:CNNVD-201202-319

Trust: 0.6

db:BIDid:52037

Trust: 0.4

db:VULHUBid:VHN-54032

Trust: 0.1

db:PACKETSTORMid:110463

Trust: 0.1

db:SECUNIAid:48033

Trust: 0.1

db:PACKETSTORMid:109859

Trust: 0.1

sources: VULHUB: VHN-54032 // BID: 52037 // JVNDB: JVNDB-2012-001498 // PACKETSTORM: 110463 // PACKETSTORM: 109859 // CNNVD: CNNVD-201202-319 // NVD: CVE-2012-0751

REFERENCES

url:http://www.adobe.com/support/security/bulletins/apsb12-03.html

Trust: 2.1

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14985

Trust: 1.7

url:http://secunia.com/advisories/48265

Trust: 1.7

url:http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html

Trust: 1.7

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0751

Trust: 0.8

url:https://www.jpcert.or.jp/at/2012/at120006.txt

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0751

Trust: 0.8

url:http://www.npa.go.jp/cyberpolice/#topics

Trust: 0.8

url:http://www.adobe.com

Trust: 0.3

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.2

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.2

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.2

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.2

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.2

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.2

url:http://secunia.com/advisories/48265/

Trust: 0.1

url:http://secunia.com/psi_30_beta_launch

Trust: 0.1

url:http://secunia.com/advisories/48265/#comments

Trust: 0.1

url:http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=48265

Trust: 0.1

url:http://secunia.com/advisories/48033/

Trust: 0.1

url:http://www.rsaconference.com/events/2012/usa/index.htm

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=48033

Trust: 0.1

url:http://secunia.com/advisories/48033/#comments

Trust: 0.1

sources: VULHUB: VHN-54032 // BID: 52037 // JVNDB: JVNDB-2012-001498 // PACKETSTORM: 110463 // PACKETSTORM: 109859 // CNNVD: CNNVD-201202-319 // NVD: CVE-2012-0751

CREDITS

Xu Liu of Fortinet´s FortiGuard Labs

Trust: 0.6

sources: CNNVD: CNNVD-201202-319

SOURCES

db:VULHUBid:VHN-54032
db:BIDid:52037
db:JVNDBid:JVNDB-2012-001498
db:PACKETSTORMid:110463
db:PACKETSTORMid:109859
db:CNNVDid:CNNVD-201202-319
db:NVDid:CVE-2012-0751

LAST UPDATE DATE

2024-11-23T19:56:25.650000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-54032date:2023-01-30T00:00:00
db:BIDid:52037date:2013-06-20T09:39:00
db:JVNDBid:JVNDB-2012-001498date:2012-02-20T00:00:00
db:CNNVDid:CNNVD-201202-319date:2023-02-01T00:00:00
db:NVDid:CVE-2012-0751date:2024-11-21T01:35:39.330

SOURCES RELEASE DATE

db:VULHUBid:VHN-54032date:2012-02-16T00:00:00
db:BIDid:52037date:2012-02-15T00:00:00
db:JVNDBid:JVNDB-2012-001498date:2012-02-20T00:00:00
db:PACKETSTORMid:110463date:2012-03-06T03:53:43
db:PACKETSTORMid:109859date:2012-02-16T07:06:32
db:CNNVDid:CNNVD-201202-319date:1900-01-01T00:00:00
db:NVDid:CVE-2012-0751date:2012-02-16T19:55:00.990