Denial of service in the Adobe Flash Player

Posted: November 8, 2012 in Vulnerabilities
Tags: , ,

Adobe Flash

Denial of service in the Adobe Flash Player

Vulnerability: Denial of service in the Adobe Flash Player

Danger: High
Patch: Yes
Quantity of vulnerabilities: 7

CVE ID: CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, CVE-2012-5278, CVE-2012-5279, CVE-2012-5280

Impact: System Compromise
Affected Products: Adobe Flash Player 11.x
Adobe AIR 3.x

Affected versions:
– Adobe Flash Player for Windows and Macintosh versions prior to 11.5.502.110;
– Adobe Flash Player for Linux versions prior to 11.2.202.251;
– Adobe Flash Player for Android 4.x versions prior to 11.1.115.27;
– Adobe Flash Player for Android 3.x and 2.x versions prior to 11.1.111.24;
– Adobe AIR for Windows and Macintosh versions prior to 3.5.0.600;
– Adobe AIR SDK versions prior to 3.5.0.600

Description:

Which can be exploited by malicious people to execute arbitrary code on the target system.

1. The vulnerability is caused due to an unspecified error. This can be exploited to cause a buffer overflow and execute arbitrary code on the target system.

2. The vulnerability is caused due to an unspecified error. This can be exploited to cause a buffer overflow and execute arbitrary code on the target system.

3. The vulnerability is caused due to an unspecified error. This can be exploited to cause a buffer overflow and execute arbitrary code on the target system.

4. The vulnerability is caused due to an unspecified error. This can be exploited to cause a buffer overflow and execute arbitrary code on the target system.

5. The vulnerability is caused due to an unspecified error. This can be exploited to cause a buffer overflow and execute arbitrary code on the target system.

6. The vulnerability is caused due to an unspecified error. This can be exploited to corrupt memory on the target system.

7. The vulnerability is caused due to an unspecified error. Malicious people to bypass certain security restrictions and execute arbitrary code on the target system.

Manufacturer: https://malwarelist.wordpress.com/2012/10/18/adobe-systems-inc/

Solution: The vulnerabilities patch from the manufacturer.

Links:

http://www.adobe.com/support/security/bulletins/apsb12-24.html

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s