CVE-2012-5054
KEV
🔴 Łataj teraz
Przepełnienie całkowite w Adobe Flash Player umożliwia zdalne wykonanie kodu.
CVSS
8.8
EPSS
72.1%
Exploit
weaponized
Vendor
adobe
Opis źródłowy (NVD)
Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments.
exploit
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 8.8 |
| CISA KEV (aktywnie wykorzystywane) | Tak |
| FIRST EPSS (prawdopodobieństwo exploita) | 72.1% |
| Opublikowano (NVD) | 2012-09-24 17:55:07 UTC |
| Ostatnia modyfikacja (NVD) | 2026-04-21 21:14:01 UTC |
Referencje
- http://packetstormsecurity.org/files/116435/Adobe-Flash-Player-Matrix3D-Integer-Overflow-Code-Execution.html (psirt@adobe.com) [Exploit, Third Party Advisory]
- http://www.adobe.com/support/security/bulletins/apsb12-19.html (psirt@adobe.com) [Not Applicable, Vendor Advisory]
- http://www.vupen.com/english/services/ba-index.php (psirt@adobe.com) [Broken Link]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78866 (psirt@adobe.com) [Third Party Advisory, VDB Entry]
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-5054 (134c704f-9b21-4f2e-91b3-4a467353bcc0) [US Government Resource]