critical
10
CWE
119
Advisory Published
Updated

CVE-2012-5249: Buffer Overflow

First published: Tue Oct 09 2012(Updated: )

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.

Credit: psirt@adobe.com

Affected SoftwareAffected VersionHow to fix
Macromedia Flash Player<=10.3.183.25
Macromedia Flash Player=10.1.85.3
Macromedia Flash Player=10.1.102.64
Macromedia Flash Player=10.2.152.26
Macromedia Flash Player=10.2.152.32
Macromedia Flash Player=10.2.153.1
Macromedia Flash Player=10.2.159.1
Macromedia Flash Player=10.3.181.14
Macromedia Flash Player=10.3.181.16
Macromedia Flash Player=10.3.181.22
Macromedia Flash Player=10.3.181.26
Macromedia Flash Player=10.3.181.34
Macromedia Flash Player=10.3.183.5
Macromedia Flash Player=10.3.183.7
Macromedia Flash Player=10.3.183.10
Macromedia Flash Player=10.3.183.11
Macromedia Flash Player=10.3.183.15
Macromedia Flash Player=10.3.183.16
Macromedia Flash Player=10.3.183.18
Macromedia Flash Player=10.3.183.20
Macromedia Flash Player=10.3.183.23
Macromedia Flash Player=11.0.1.152
Macromedia Flash Player=11.1.102.55
Macromedia Flash Player=11.1.102.62
Macromedia Flash Player=11.1.102.63
Macromedia Flash Player=11.2.202.223
Macromedia Flash Player=11.2.202.228
Macromedia Flash Player=11.2.202.233
Macromedia Flash Player=11.2.202.235
Macromedia Flash Player=11.2.202.238
Macromedia Flash Player=11.2.202.243
Macromedia Flash Player=11.3.300.257
Macromedia Flash Player=11.3.300.262
Macromedia Flash Player=11.3.300.265
Macromedia Flash Player=11.3.300.268
Macromedia Flash Player=11.3.300.271
Macromedia Flash Player=11.3.300.273
Macromedia Flash Player=11.4.402.265
Macromedia Flash Player=11.4.402.278
Apple iOS and macOS
Microsoft Windows Operating System
Linux Kernel
Adobe Flash Player<=11.1.111.16
Adobe Flash Player=10.1.106.17
Adobe Flash Player=10.2.157.51
Adobe Flash Player=10.3.186.7
Adobe Flash Player=11.0.1.153
Adobe Flash Player=11.1.102.59
Adobe Flash Player=11.1.111.5
Adobe Flash Player=11.1.111.7
Adobe Flash Player=11.1.111.8
Adobe Flash Player=11.1.111.9
Adobe Flash Player=11.1.111.10
Android=2.0
Android=2.0.1
Android=2.1
Android=2.2
Android=2.2-rev1
Android=2.2.1
Android=2.2.2
Android=2.2.3
Android=2.3
Android=2.3-rev1
Android=2.3.1
Android=2.3.2
Android=2.3.3
Android=2.3.4
Android=2.3.5
Android=2.3.6
Android=2.3.7
Android=3.0
Android=3.1
Android=3.2
Android=3.2.1
Android=3.2.2
Android=3.2.4
Android=3.2.6
Adobe Flash Player<=11.1.115.17
Adobe Flash Player=11.1.112.60
Adobe Flash Player=11.1.112.61
Adobe Flash Player=11.1.115.7
Adobe Flash Player=11.1.115.8
Adobe Flash Player=11.1.115.11
Adobe Flash Player=11.1.115.12
Android=4.0
Android=4.0.1
Android=4.0.2
Android=4.0.3
Android=4.0.4
Android=4.1
Adobe<=3.4.0.2540
Adobe=1.0
Adobe=1.0.1
Adobe=1.0.8.4990
Adobe=1.0.4990
Adobe=1.1
Adobe=1.1.0.5790
Adobe=1.5
Adobe=1.5.0.7220
Adobe=1.5.1
Adobe=1.5.1.8210
Adobe=1.5.2
Adobe=1.5.3
Adobe=1.5.3.9120
Adobe=1.5.3.9130
Adobe=2.0.2
Adobe=2.0.2.12610
Adobe=2.0.3
Adobe=2.0.3.13070
Adobe=2.0.4
Adobe=2.5.0.16600
Adobe=2.5.1.17730
Adobe=2.6
Adobe=2.6.0.19120
Adobe=2.6.0.19140
Adobe=2.7
Adobe=2.7.0.1948
Adobe=2.7.0.1953
Adobe=2.7.0.19480
Adobe=2.7.0.19530
Adobe=2.7.1
Adobe=2.7.1.19610
Adobe=3.0.0.408
Adobe=3.0.0.4080
Adobe=3.1.0.485
Adobe=3.1.0.488
Adobe=3.1.0.4880
Adobe=3.2.0.207
Adobe=3.2.0.2070
Adobe=3.3.0.3670
Adobe AIR SDK<=3.4.0.2540

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2012-5249?

    CVE-2012-5249 has been classified as a critical severity vulnerability due to its potential to allow remote code execution.

  • How do I fix CVE-2012-5249?

    To fix CVE-2012-5249, update Adobe Flash Player to version 11.4.402.287 or later.

  • Which systems are affected by CVE-2012-5249?

    CVE-2012-5249 affects multiple systems including Windows, Mac OS X, Linux, and various Android platforms with specific versions of Adobe Flash Player.

  • What type of attack can exploit CVE-2012-5249?

    CVE-2012-5249 can be exploited through malicious SWF files, leading to buffer overflow and potential remote code execution.

  • Is there a workaround for CVE-2012-5249?

    Temporary workarounds for CVE-2012-5249 include disabling Adobe Flash Player or using a browser without Flash support until the software is updated.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203