CVE-2012-0772

HIGH

Description

An unspecified ActiveX control in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228, and AIR before 3.2.0.2070, on Windows does not properly perform URL security domain checking, which allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors.

References

http://osvdb.org/80706

http://secunia.com/advisories/48618

http://www.adobe.com/support/security/bulletins/apsb12-07.html

http://www.securitytracker.com/id?1026859

http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15266

Details

Source: MITRE

Published: 2012-03-28

Updated: 2018-10-30

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH