Sign-up

ID

VAR-201211-0401


CVE

CVE-2012-5673


TITLE

Adobe Flash Player and Adobe AIR Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2012-005332

DESCRIPTION

Unspecified vulnerability in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 has unknown impact and attack vectors. Adobe Flash Player and Adobe AIR Contains vulnerabilities that are unspecified.It may be affected unspecified. The impact of this issue is currently unknown. We will update this BID when more information emerges. The product enables viewing of applications, content and video across screens and browsers. Attackers exploit this vulnerability with unknown impact and attack vectors

Trust: 1.98

sources: NVD: CVE-2012-5673 // JVNDB: JVNDB-2012-005332 // BID: 56377 // VULHUB: VHN-58954

AFFECTED PRODUCTS

vendor:adobemodel:flash playerscope:gteversion:11.2

Trust: 1.0

vendor:adobemodel:flash playerscope:ltversion:11.4.402.287

Trust: 1.0

vendor:adobemodel:flash playerscope:ltversion:10.3.183.29

Trust: 1.0

vendor:adobemodel:flash playerscope:ltversion:11.2.202.243

Trust: 1.0

vendor:adobemodel:air sdkscope:ltversion:3.4.0.2710

Trust: 1.0

vendor:adobemodel:flash playerscope:ltversion:11.1.115.20

Trust: 1.0

vendor:adobemodel:flash playerscope:gteversion:11.4

Trust: 1.0

vendor:adobemodel:airscope:ltversion:3.4.0.2710

Trust: 1.0

vendor:adobemodel:flash playerscope:ltversion:11.1.111.19

Trust: 1.0

vendor:adobemodel:flash playerscope:gteversion:11.1

Trust: 1.0

vendor:adobemodel:flash playerscope:gteversion:10.3

Trust: 1.0

vendor:microsoftmodel:windowsscope:ltversion:)

Trust: 0.8

vendor:adobemodel:airscope:eqversion:android)

Trust: 0.8

vendor:adobemodel:airscope:eqversion:macintosh

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:(android 2.x 3.x)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:(android 4.x)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:11.x (linux)

Trust: 0.8

vendor:microsoftmodel:windows 8scope:eqversion:for 64-bit systems (adobe flash player 11.3.375.10

Trust: 0.8

vendor:adobemodel:airscope:ltversion:(windows

Trust: 0.8

vendor:adobemodel:flash playerscope:eqversion:11.1.111.19

Trust: 0.8

vendor:microsoftmodel:internet explorerscope:ltversion:)

Trust: 0.8

vendor:adobemodel:air sdkscope:ltversion:(air for ios include )

Trust: 0.8

vendor:adobemodel:flash playerscope:eqversion:11.2.202.243

Trust: 0.8

vendor:microsoftmodel:windows 8scope:eqversion:for 32-bit systems (adobe flash player 11.3.375.10

Trust: 0.8

vendor:adobemodel:flash playerscope:eqversion:11.4.402.287

Trust: 0.8

vendor:microsoftmodel:windows serverscope:ltversion:)

Trust: 0.8

vendor:adobemodel:flash playerscope:eqversion:10.3.183.29

Trust: 0.8

vendor:googlemodel:chromescope:ltversion:22.0.1229.92

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:11.x (windows macintosh)

Trust: 0.8

vendor:adobemodel:airscope:eqversion:3.4.0.2710

Trust: 0.8

vendor:adobemodel:flash playerscope:eqversion:11.1.115.20

Trust: 0.8

vendor:microsoftmodel:windows 8scope:ltversion:)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:(linux)

Trust: 0.8

vendor:adobemodel:air sdkscope:eqversion:3.4.0.2710

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:(windows macintosh)

Trust: 0.8

vendor:microsoftmodel:windows serverscope:eqversion:2012 (adobe flash player 11.3.375.10

Trust: 0.8

vendor:microsoftmodel:internet explorerscope:eqversion:10 (adobe flash player 11.3.375.10

Trust: 0.8

vendor:microsoftmodel:windowsscope:eqversion:rt (adobe flash player 11.3.375.10

Trust: 0.8

vendor:adobemodel:flash playerscope:eqversion:10.3.183.7

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:10.3.183.15

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:10.3.183.5

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:10.3.183.20

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:10.3.183.11

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:10.3.183.18

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:10.3.183.10

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:10.3.181.34

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:10.3.183.23

Trust: 0.6

vendor:adobemodel:flash playerscope:eqversion:10.3.183.16

Trust: 0.6

sources: JVNDB: JVNDB-2012-005332 // CNNVD: CNNVD-201211-096 // NVD: CVE-2012-5673

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-5673
value: HIGH

Trust: 1.0

NVD: CVE-2012-5673
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201211-096
value: CRITICAL

Trust: 0.6

VULHUB: VHN-58954
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2012-5673
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-58954
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-58954 // JVNDB: JVNDB-2012-005332 // CNNVD: CNNVD-201211-096 // NVD: CVE-2012-5673

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2012-5673

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201211-096

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201211-096

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-005332

PATCH
title:APSB12-22url:http://www.adobe.com/support/security/bulletins/apsb12-22.html
Trust: 0.8
title:APSB12-22url:http://www.adobe.com/jp/support/security/bulletins/apsb12-22.html
Trust: 0.8
title:Google Chromeurl:http://www.google.co.jp/chrome/intl/ja/landing_ff_yt.html?hl=ja&hl=ja
Trust: 0.8
title:Stable Channel Updateurl:http://googlechromereleases.blogspot.jp/2012/10/stable-channel-update.html
Trust: 0.8
title:Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 (2755801)url:http://technet.microsoft.com/en-us/security/advisory/2755801
Trust: 0.8
title:Internet Explorer 10 上の Adobe Flash Player の脆弱性用の更新プログラム (2755801)url:http://technet.microsoft.com/ja-jp/security/advisory/2755801
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2012-005332

EXTERNAL IDS
db:NVDid:CVE-2012-5673
Trust: 2.8
db:BIDid:56377
Trust: 2.0
db:OSVDBid:86877
Trust: 1.1
db:JVNDBid:JVNDB-2012-005332
Trust: 0.8
db:CNNVDid:CNNVD-201211-096
Trust: 0.7
db:VULHUBid:VHN-58954
Trust: 0.1
sources:
            
            
            VULHUB: VHN-58954 // 
            
            
            
            BID: 56377 // 
            
            
            
            JVNDB: JVNDB-2012-005332 // 
            
            
            
            CNNVD: CNNVD-201211-096 // 
            
            
            
            NVD: CVE-2012-5673

REFERENCES
url:http://www.securityfocus.com/bid/56377
Trust: 1.7
url:http://www.adobe.com/support/security/bulletins/apsb12-22.html
Trust: 1.7
url:http://osvdb.org/86877
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/79773
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5673
Trust: 0.8
url:http://www.ipa.go.jp/security/ciadr/vul/20121009-adobeflashplayer.html
Trust: 0.8
url:http://www.jpcert.or.jp/at/2012/at120031.txt
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5673
Trust: 0.8
url:http://www.npa.go.jp/cyberpolice/#topics
Trust: 0.8
url:http://www.adobe.com/products/air/
Trust: 0.3
url:http://www.adobe.com/products/flash/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-58954 // 
            
            
            
            BID: 56377 // 
            
            
            
            JVNDB: JVNDB-2012-005332 // 
            
            
            
            CNNVD: CNNVD-201211-096 // 
            
            
            
            NVD: CVE-2012-5673

CREDITS
Mateusz Jurczyk, Gynvael Coldwind and Fermin Serna of the Google Security Team
Trust: 0.9
sources:
            
            
            BID: 56377 // 
            
            
            
            CNNVD: CNNVD-201211-096

SOURCES
db:VULHUBid:VHN-58954
db:BIDid:56377
db:JVNDBid:JVNDB-2012-005332
db:CNNVDid:CNNVD-201211-096
db:NVDid:CVE-2012-5673

LAST UPDATE DATE
2024-08-14T14:21:24.325000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-58954date:2018-12-04T00:00:00
db:BIDid:56377date:2013-06-20T09:38:00
db:JVNDBid:JVNDB-2012-005332date:2012-11-14T00:00:00
db:CNNVDid:CNNVD-201211-096date:2012-11-14T00:00:00
db:NVDid:CVE-2012-5673date:2018-12-04T17:58:43.410

SOURCES RELEASE DATE
db:VULHUBid:VHN-58954date:2012-11-13T00:00:00
db:BIDid:56377date:2012-11-02T00:00:00
db:JVNDBid:JVNDB-2012-005332date:2012-11-14T00:00:00
db:CNNVDid:CNNVD-201211-096date:2012-11-06T00:00:00
db:NVDid:CVE-2012-5673date:2012-11-13T13:39:47.217