CVE-2012-1535

Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted SWF content, as exploited in the wild in August 2012 with SWF content in a Word document.

Published: Aug 15, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-1535
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
adobe / flash_player	-	11.3.300.271
adobe / flash_player	-	11.2.202.238
redhat / enterprise_linux_server	5.0	5.0.x
redhat / enterprise_linux_workstation	5.0	5.0.x
redhat / enterprise_linux_desktop	5.0	5.0.x
opensuse / opensuse	11.4	11.4.x
opensuse / opensuse	12.1	12.1.x
suse / linux_enterprise_desktop	10-sp4	10-sp4.x

http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00012.html
http://marc.info/?l=bugtraq&m=139455789818399&w=2
http://rhn.redhat.com/errata/RHSA-2012-1203.html
http://security.gentoo.org/glsa/glsa-201209-01.xml
http://www.adobe.com/support/security/bulletins/apsb12-18.html

Vulnerability Database

CVE-2012-1535

Deep Security Visibility Without the Complexity