Adobe Flash Player APSB12-07 Multiple Memory Corruption Vulnerabilities
BID:52748
Info
Adobe Flash Player APSB12-07 Multiple Memory Corruption Vulnerabilities
| Bugtraq ID: | 52748 |
| Class: | Unknown |
| CVE: |
CVE-2012-0773 CVE-2012-0772 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 28 2012 12:00AM |
| Updated: | Mar 19 2015 09:48AM |
| Credit: | Microsoft Vulnerability Research and anonymous through TippingPoint's Zero Day Initiative |
| Vulnerable: |
Xerox FreeFlow Print Server (FFPS) 73.C0.41 Xerox FreeFlow Print Server (FFPS) 73.B3.61 SuSE SUSE Linux Enterprise Desktop 11 SP2 SuSE SUSE Linux Enterprise Desktop 11 SP1 SuSE SUSE Linux Enterprise Desktop 10 SP4 SuSE openSUSE 12.1 SuSE openSUSE 11.4 Sun Solaris 10 Red Hat Enterprise Linux Workstation Supplementary 6 Red Hat Enterprise Linux Supplementary 5 server Red Hat Enterprise Linux Server Supplementary 6 Red Hat Enterprise Linux Desktop Supplementary 6 Red Hat Enterprise Linux Desktop Supplementary 5 client Gentoo Linux Adobe Flash Player 11.1.111.7 Adobe Flash Player 11.1.111.6 Adobe Flash Player 11.1.111.5 Adobe Flash Player 11.1.102.63 Adobe Flash Player 11.1.102.62 Adobe Flash Player 11.1.102.55 Adobe Flash Player 10.1.102.65 Adobe Flash Player 10.1.102.64 Adobe AIR 2.0.4 Adobe AIR 2.0.3 Adobe AIR 1.5.3 .9130 Adobe AIR 1.5.3 .9120 Adobe AIR 1.5.3 Adobe AIR 1.5.2 Adobe AIR 1.5.1 Adobe AIR 3.1.0.4880 Adobe AIR 3.0 Adobe AIR 2.7.1.1961 Adobe AIR 2.7.1 Adobe AIR 2.7 Adobe AIR 2.6.19140 Adobe AIR 2.6.19120 Adobe AIR 2.6 Adobe AIR 2.5.1 Adobe AIR 2.0.3 Adobe AIR 2.0.2.12610 Adobe AIR 2.0.2 Adobe AIR 1.5 Adobe AIR 1.1 Adobe AIR 1.01 Adobe AIR 1.0 |
| Not Vulnerable: |
Adobe Flash Player 11.2.202.228 Adobe Flash Player 11.2.202.223 Adobe Flash Player 11.1.111.8 Adobe AIR 3.2.0.2080 Adobe AIR 3.2.0.2070 |
Discussion
Adobe Flash Player APSB12-07 Multiple Memory Corruption Vulnerabilities
Adobe Flash Player is prone to multiple memory-corruption vulnerabilities.
An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Adobe Flash Player is prone to multiple memory-corruption vulnerabilities.
An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Exploit / POC
Adobe Flash Player APSB12-07 Multiple Memory Corruption Vulnerabilities
A working commercial exploit is available through VUPEN Security - Exploit and PoCs Service for CVE-2012-0773. This exploit is not otherwise publicly available or known to be circulating in the wild.
A working commercial exploit is available through VUPEN Security - Exploit and PoCs Service for CVE-2012-0773. This exploit is not otherwise publicly available or known to be circulating in the wild.
Solution / Fix
Adobe Flash Player APSB12-07 Multiple Memory Corruption Vulnerabilities
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Adobe Flash Player APSB12-07 Multiple Memory Corruption Vulnerabilities
References:
References:
- Adobe Flash Homepage (Adobe)
- Multiple vulnerabilities in Adobe Flashplayer (Oracle)
- VUPEN Security Research - Adobe Flash Player NetStream Remote Code Execution Vu (VUPEN Security Research
- APSB12-07 Security update available for Adobe Flash Player (Adobe)