Flash Player for Mac <= / Multiple Memory Corruption Vulnerabilities (APSB12-07)

High Nessus Plugin ID 58540


The remote Mac OS X host has a browser plugin that is affected by multiple memory corruption vulnerabilities.


According to its version, the instance of Flash Player installed on the remote Mac OS X host is 10.x equal to or earlier than or 11.x equal to or earlier than It is, therefore, reportedly affected by several critical memory corruption vulnerabilities :

- Memory corruption vulnerabilities related to URL security domain checking. (CVE-2012-0772)

- A flaw in the NetStream Class that could lead to remote code execution. (CVE-2012-0773)

By tricking a victim into visiting a specially crafted page, an attacker may be able to utilize these vulnerabilities to execute arbitrary code subject to the users' privileges.


Upgrade to Adobe Flash version / or later.

See Also




Plugin Details

Severity: High

ID: 58540

File Name: macosx_flash_player_11_2_202_228.nasl

Version: $Revision: 1.11 $

Type: local

Agent: macosx

Published: 2012/03/30

Modified: 2016/05/20

Dependencies: 53914

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:adobe:flash_player

Required KB Items: MacOSX/Flash_Player/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2012/03/28

Vulnerability Publication Date: 2012/03/28

Reference Information

CVE: CVE-2012-0772, CVE-2012-0773

BID: 52748

OSVDB: 80706, 80707