CVE-2012-5054

high

Description

Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments.

References

http://packetstormsecurity.org/files/116435/Adobe-Flash-Player-Matrix3D-Integer-Overflow-Code-Execution.html

http://www.adobe.com/support/security/bulletins/apsb12-19.html

http://www.vupen.com/english/services/ba-index.php

https://exchange.xforce.ibmcloud.com/vulnerabilities/78866

Details

Source: MITRE

Published: 2012-09-24

Updated: 2018-10-30

Type: CWE-189

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH