Details of VAR-201202-0247

ID

VAR-201202-0247

CVE

CVE-2012-0751

TITLE

Adobe Flash Player of ActiveX Vulnerability in arbitrary code execution in control

Trust: 0.8

sources: JVNDB: JVNDB-2012-001498

DESCRIPTION

The ActiveX control in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Flash Player is prone to an unspecified remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. The product enables viewing of applications, content and video across screens and browsers. ---------------------------------------------------------------------- Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch ---------------------------------------------------------------------- TITLE: Google Chrome Multiple Vulnerabilities SECUNIA ADVISORY ID: SA48265 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48265/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48265 RELEASE DATE: 2012-03-05 DISCUSS ADVISORY: http://secunia.com/advisories/48265/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/48265/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=48265 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Google Chrome, where one has an unknown impact and others can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system. 1) A use-after-free error exists within v8 element wrapper handling. 2) A use-after-free error exists within SVG value handling. 3) A buffer overflow exists within the Skia drawing library. 4) A use-after-free error exists within SVG document handling. 5) A use-after-free error exists within SVG use handling. 6) A casting error exists within line box handling. 7) A casting error exists within anonymous block splitting. 8) A use-after-free error exists within multi-column handling. 9) A use-after-free error exists within quote handling. 10) An out-of-bounds read error exists within text handling. 11) A use-after-free error exists within class attribute handling. 12) A use-after-free error exists within table section handling. 13) A use-after-free error exists within flexbox with floats handling. 14) A use-after-free error exists within SVG animation elements handling. For more information: SA48033 SOLUTION: Update to version 17.0.963.65. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Chamal de Silva 2, 4, 5, 14) Arthur Gerkis 3) Aki Helin, OUSPG 6, 7, 8, 9, 10, 11, 12, 13) miaubiz ORIGINAL ADVISORY: http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . ---------------------------------------------------------------------- Secunia presentations @ RSA Conference 2012, San Francisco, USA, 27 Feb-02 March Listen to our Chief Security Specialist, Research Analyst Director, and Director Product Management & Quality Assurance discuss the industry's key topics. Also, visit the Secunia stand #817. 1) An unspecified error in an ActiveX Control can be exploited to corrupt memory. 2) A type confusion error can be exploited to corrupt memory. 3) An unspecified error related to MP4 parsing can be exploited to corrupt memory. 4) An unspecified error can be exploited to corrupt memory. 5) An unspecified error can be exploited to bypass certain security restrictions. 6) An unspecified error can be exploited to bypass certain security restrictions. Successful exploitation of the vulnerabilities #1 through #6 may allow execution of arbitrary code. 7) Certain unspecified input is not properly sanitised before being returned to the user. NOTE: This vulnerability is reportedly being actively exploited in targeted attacks

Trust: 2.16

sources: NVD: CVE-2012-0751 // JVNDB: JVNDB-2012-001498 // BID: 52037 // VULHUB: VHN-54032 // PACKETSTORM: 110463 // PACKETSTORM: 109859

AFFECTED PRODUCTS

vendor:	adobe	model:	flash player	scope:	lt	version:	11.1.102.62	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	gte	version:	11.0	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	lt	version:	10.3.183.15	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.102.62	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	11.x	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	eq	version:	7	Trust: 0.6
vendor:	adobe	model:	flash player	scope:	eq	version:	6	Trust: 0.6
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.1	Trust: 0.6
vendor:	adobe	model:	flash player	scope:	eq	version:	3	Trust: 0.6
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0	Trust: 0.6
vendor:	adobe	model:	flash player	scope:	eq	version:	4	Trust: 0.6
vendor:	adobe	model:	flash player	scope:	eq	version:	2	Trust: 0.6
vendor:	adobe	model:	flash player	scope:	eq	version:	6.0.79	Trust: 0.6
vendor:	adobe	model:	flash player	scope:	eq	version:	6.0.21.0	Trust: 0.6
vendor:	adobe	model:	flash player	scope:	eq	version:	5	Trust: 0.6
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.21	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.22	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.3218	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.12.35	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.0.1.152	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.3	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.15.3	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152.21	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.157.51	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.53.64	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.26	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.14	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	ne	version:	11.1.102.62	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.25	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.92.8	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	11.4	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.159.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.102.55	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.25	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.34	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.52.15	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.23	Trust: 0.3
vendor:	suse	model:	linux enterprise desktop sp1 for sp2	scope:	eq	version:	11	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.105.6	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152.32	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.95.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.24	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.156.12	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.16	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.2	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.95.2	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.42.34	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152.33	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.22	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.22.87	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.51.66	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.13	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.4	Trust: 0.3
vendor:	adobe	model:	flash player release candida	scope:	eq	version:	10.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.85.3	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.27	Trust: 0.3
vendor:	suse	model:	linux enterprise desktop sp1	scope:	eq	version:	11	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.18	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.28	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.23	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.82.76	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.52.14.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.32.18	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.153.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.5	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.92.10	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.106.16	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.452	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.102.65	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.12.36	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.10	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.6	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.102.64	Trust: 0.3

sources: BID: 52037 // JVNDB: JVNDB-2012-001498 // CNNVD: CNNVD-201202-319 // NVD: CVE-2012-0751

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-0751
value:	HIGH
Trust: 1.0
NVD:	CVE-2012-0751
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201202-319
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-54032
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2012-0751
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-54032
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-54032 // JVNDB: JVNDB-2012-001498 // CNNVD: CNNVD-201202-319 // NVD: CVE-2012-0751

PROBLEMTYPE DATA

problemtype:

CWE-787

Trust: 1.1

sources: VULHUB: VHN-54032 // NVD: CVE-2012-0751

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201202-319

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201202-319

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-001498

PATCH

title:	APSB12-03	url:	http://www.adobe.com/support/security/bulletins/apsb12-03.html	Trust: 0.8
title:	APSB12-03	url:	http://www.adobe.com/jp/support/security/bulletins/apsb12-03.html	Trust: 0.8
title:	APSB12-03 (cpsid_93112)	url:	http://kb2.adobe.com/jp/cps/931/cpsid_93112.html	Trust: 0.8
title:	アドビシステムズ社 Adobe Flash Player の脆弱性に関するお知らせ	url:	http://www.fmworld.net/biz/common/adobe/20120217f.html	Trust: 0.8
title:	Adobe Flash Player Repair measures for memory corruption vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=223264	Trust: 0.6

sources: JVNDB: JVNDB-2012-001498 // CNNVD: CNNVD-201202-319

EXTERNAL IDS

db:	NVD	id:	CVE-2012-0751	Trust: 2.8
db:	SECUNIA	id:	48265	Trust: 1.8
db:	JVNDB	id:	JVNDB-2012-001498	Trust: 0.8
db:	CNNVD	id:	CNNVD-201202-319	Trust: 0.6
db:	BID	id:	52037	Trust: 0.4
db:	VULHUB	id:	VHN-54032	Trust: 0.1
db:	PACKETSTORM	id:	110463	Trust: 0.1
db:	SECUNIA	id:	48033	Trust: 0.1
db:	PACKETSTORM	id:	109859	Trust: 0.1

sources: VULHUB: VHN-54032 // BID: 52037 // JVNDB: JVNDB-2012-001498 // PACKETSTORM: 110463 // PACKETSTORM: 109859 // CNNVD: CNNVD-201202-319 // NVD: CVE-2012-0751

REFERENCES

url:	http://www.adobe.com/support/security/bulletins/apsb12-03.html	Trust: 2.1
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a14985	Trust: 1.7
url:	http://secunia.com/advisories/48265	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-0751	Trust: 0.8
url:	https://www.jpcert.or.jp/at/2012/at120006.txt	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-0751	Trust: 0.8
url:	http://www.npa.go.jp/cyberpolice/#topics	Trust: 0.8
url:	http://www.adobe.com	Trust: 0.3
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.2
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.2
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.2
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.2
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.2
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.2
url:	http://secunia.com/advisories/48265/	Trust: 0.1
url:	http://secunia.com/psi_30_beta_launch	Trust: 0.1
url:	http://secunia.com/advisories/48265/#comments	Trust: 0.1
url:	http://googlechromereleases.blogspot.com/2012/03/chrome-stable-update.html	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=48265	Trust: 0.1
url:	http://secunia.com/advisories/48033/	Trust: 0.1
url:	http://www.rsaconference.com/events/2012/usa/index.htm	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=48033	Trust: 0.1
url:	http://secunia.com/advisories/48033/#comments	Trust: 0.1

sources: VULHUB: VHN-54032 // BID: 52037 // JVNDB: JVNDB-2012-001498 // PACKETSTORM: 110463 // PACKETSTORM: 109859 // CNNVD: CNNVD-201202-319 // NVD: CVE-2012-0751

CREDITS

Xu Liu of Fortinet´s FortiGuard Labs

Trust: 0.6

sources: CNNVD: CNNVD-201202-319

SOURCES

db:	VULHUB	id:	VHN-54032
db:	BID	id:	52037
db:	JVNDB	id:	JVNDB-2012-001498
db:	PACKETSTORM	id:	110463
db:	PACKETSTORM	id:	109859
db:	CNNVD	id:	CNNVD-201202-319
db:	NVD	id:	CVE-2012-0751

LAST UPDATE DATE

2024-08-14T12:12:42.807000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-54032	date:	2023-01-30T00:00:00
db:	BID	id:	52037	date:	2013-06-20T09:39:00
db:	JVNDB	id:	JVNDB-2012-001498	date:	2012-02-20T00:00:00
db:	CNNVD	id:	CNNVD-201202-319	date:	2023-02-01T00:00:00
db:	NVD	id:	CVE-2012-0751	date:	2023-01-30T18:01:18.900

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-54032	date:	2012-02-16T00:00:00
db:	BID	id:	52037	date:	2012-02-15T00:00:00
db:	JVNDB	id:	JVNDB-2012-001498	date:	2012-02-20T00:00:00
db:	PACKETSTORM	id:	110463	date:	2012-03-06T03:53:43
db:	PACKETSTORM	id:	109859	date:	2012-02-16T07:06:32
db:	CNNVD	id:	CNNVD-201202-319	date:	1900-01-01T00:00:00
db:	NVD	id:	CVE-2012-0751	date:	2012-02-16T19:55:00.990