CVE-2012-4167: Integer Overflow
First published: Tue Aug 21 2012(Updated: )
Integer overflow in Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allows attackers to execute arbitrary code via unspecified vectors.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Macromedia Flash Player | >=10.3<10.3.183.23 | |
| Macromedia Flash Player | >=11.4<11.4.402.265 | |
| Apple iOS and macOS | ||
| Microsoft Windows Operating System | ||
| Macromedia Flash Player | >=11.2<11.2.202.238 | |
| Linux Kernel | ||
| Macromedia Flash Player | >=11.1<11.1.111.16 | |
| Android | >=2.0<=2.3.7 | |
| Android | >=3.0<=3.2.6 | |
| Macromedia Flash Player | >=11.1<11.1.115.17 | |
| Android | >=4.0<=4.4.4 | |
| Adobe | <3.4.0.2540 | |
| Adobe AIR | <3.4.0.2540 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-4167?
CVE-2012-4167 has a critical severity rating due to its potential to allow arbitrary code execution.
How do I fix CVE-2012-4167?
To fix CVE-2012-4167, users should upgrade to Adobe Flash Player version 10.3.183.23 or later for Windows and Mac OS X, and version 11.1.115.17 or later for Android.
Which versions of Adobe Flash Player are affected by CVE-2012-4167?
Adobe Flash Player versions prior to 10.3.183.23 and 11.x prior to 11.4.402.265 are affected by CVE-2012-4167.
What platforms are vulnerable to CVE-2012-4167?
CVE-2012-4167 affects Adobe Flash Player on Windows, Mac OS X, Linux, and certain versions of Android.
Is Adobe AIR affected by CVE-2012-4167?
Yes, Adobe AIR versions prior to 3.4.0.2540 are also affected by CVE-2012-4167.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/severity
- agent/remedy
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/macromedia flash player
- version/macromedia flash player/10.3
- version/macromedia flash player/11.4
- vendor/apple
- canonical/apple ios and macos
- vendor/microsoft
- canonical/microsoft windows operating system
- version/macromedia flash player/11.2
- vendor/linux
- canonical/linux kernel
- version/macromedia flash player/11.1
- vendor/google
- canonical/android
- version/android/2.0
- version/android/2.3.7
- version/android/3.0
- version/android/3.2.6
- version/android/4.0
- version/android/4.4.4
- canonical/adobe
- canonical/adobe air