First published: Tue Aug 21 2012(Updated: )
Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4164 and CVE-2012-4165.
Credit: psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Macromedia Flash Player | >=10.3<10.3.183.23 | |
Macromedia Flash Player | >=11.4<11.4.402.265 | |
Apple iOS and macOS | ||
Microsoft Windows | ||
Macromedia Flash Player | >=11.2<11.2.202.238 | |
Linux Kernel | ||
Macromedia Flash Player | >=11.1<11.1.111.16 | |
Android | >=2.0<=2.3.7 | |
Android | >=3.0<=3.2.6 | |
Macromedia Flash Player | >=11.1<11.1.115.17 | |
Android | >=4.0<=4.4.4 | |
Adobe | <3.4.0.2540 | |
Adobe AIR | <3.4.0.2540 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2012-4163 has a medium severity rating due to its potential for exploitation in Adobe Flash Player.
To fix CVE-2012-4163, users should update Adobe Flash Player to version 10.3.183.23 or later.
CVE-2012-4163 affects Adobe Flash Player versions before 10.3.183.23 on Windows and Mac, and 11.x before 11.4.402.265.
Yes, CVE-2012-4163 affects Adobe AIR versions before 3.4.0.2540.
CVE-2012-4163 is present on Windows, Mac OS X, Linux, and specific Android versions.