BID:52036

Adobe Flash Player CVE-2012-0756 Remote Security Bypass Vulnerability

Info

Adobe Flash Player CVE-2012-0756 Remote Security Bypass Vulnerability

Bugtraq ID:	52036
Class:	Unknown
CVE:	CVE-2012-0756
Remote:	Yes
Local:	No
Published:	Feb 15 2012 12:00AM
Updated:	Jun 20 2013 09:39AM
Credit:	&lt;br&gt;Adobe
Vulnerable:	SuSE SUSE Linux Enterprise Desktop 11 SP1 for SP2 + Linux kernel 2.6.5 SuSE SUSE Linux Enterprise Desktop 11 SP1 + Linux kernel 2.6.5 SuSE SUSE Linux Enterprise Desktop 10 SP4 + Linux kernel 2.6.5 SuSE openSUSE 11.4 Red Hat Enterprise Linux Workstation Supplementary 6 Red Hat Enterprise Linux Supplementary 5 server Red Hat Enterprise Linux Server Supplementary 6 Red Hat Enterprise Linux Desktop Supplementary 6 Red Hat Enterprise Linux Desktop Supplementary 5 client Gentoo Linux Adobe Flash Player 10.1.53 .64 Adobe Flash Player 10.1.51 .66 Adobe Flash Player 10.0.45 2 Adobe Flash Player 10.0.45 2 Adobe Flash Player 10.0.45 2 Adobe Flash Player 10.0.32 18 Adobe Flash Player 10.0.22 .87 Adobe Flash Player 10.0.15 .3 Adobe Flash Player 10.0.12 .36 Adobe Flash Player 10.0.12 .35 Adobe Flash Player 11.1.112.61 Adobe Flash Player 11.1.111.5 Adobe Flash Player 11.1.102.55 Adobe Flash Player 11.0.1.152 Adobe Flash Player 10.3.186.7 Adobe Flash Player 10.3.186.6 Adobe Flash Player 10.3.186.3 Adobe Flash Player 10.3.186.2 Adobe Flash Player 10.3.185.25 Adobe Flash Player 10.3.185.23 Adobe Flash Player 10.3.185.22 Adobe Flash Player 10.3.185.21 Adobe Flash Player 10.3.183.7 Adobe Flash Player 10.3.183.5 Adobe Flash Player 10.3.183.4 Adobe Flash Player 10.3.183.10 Adobe Flash Player 10.3.181.34 Adobe Flash Player 10.3.181.26 Adobe Flash Player 10.3.181.23 Adobe Flash Player 10.3.181.22 Adobe Flash Player 10.3.181.16 Adobe Flash Player 10.3.181.14 Adobe Flash Player 10.2.159.1 Adobe Flash Player 10.2.157.51 Adobe Flash Player 10.2.156.12 Adobe Flash Player 10.2.154.28 Adobe Flash Player 10.2.154.27 Adobe Flash Player 10.2.154.25 Adobe Flash Player 10.2.154.24 Adobe Flash Player 10.2.154.18 Adobe Flash Player 10.2.154.13 Adobe Flash Player 10.2.153.1 Adobe Flash Player 10.2.152.33 Adobe Flash Player 10.2.152.32 Adobe Flash Player 10.2.152.21 Adobe Flash Player 10.2.152 Adobe Flash Player 10.1.95.2 Adobe Flash Player 10.1.95.1 Adobe Flash Player 10.1.92.8 Adobe Flash Player 10.1.92.10 Adobe Flash Player 10.1.92.10 Adobe Flash Player 10.1.85.3 Adobe Flash Player 10.1.82.76 Adobe Flash Player 10.1.52.15 Adobe Flash Player 10.1.52.14.1 Adobe Flash Player 10.1.106.16 Adobe Flash Player 10.1.105.6 Adobe Flash Player 10.1.102.65 Adobe Flash Player 10.1.102.64 Adobe Flash Player 10.1 Release Candida Adobe Flash Player 10.0.42.34 Adobe Flash Player 10.0.32.18 Adobe Flash Player 10

Not Vulnerable:	Adobe Flash Player 11.1.115.6 Adobe Flash Player 11.1.111.6 Adobe Flash Player 11.1.102.62

Discussion

Adobe Flash Player CVE-2012-0756 Remote Security Bypass Vulnerability

Adobe Flash Player is prone to an unspecified remote security-bypass vulnerability.

An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Exploit / POC

Adobe Flash Player CVE-2012-0756 Remote Security Bypass Vulnerability

Currently we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

Adobe Flash Player CVE-2012-0756 Remote Security Bypass Vulnerability

Solution:
Updates are available. Please see the references for more information.

References

Adobe Flash Player CVE-2012-0756 Remote Security Bypass Vulnerability

References:

Adobe Homepage (Adobe)
APSB12-03 Security update available for Adobe Flash Player (Adobe)
Vulnerabilities in Adobe Flash Player version included with the BlackBerry PlayB (Research In Motion)