CVE-2012-5676: Buffer Overflow
First published: Wed Dec 12 2012(Updated: )
Buffer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; Adobe AIR before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X; and Adobe AIR SDK before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X allows attackers to execute arbitrary code via unspecified vectors.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Macromedia Flash Player | >=10.3<10.3.183.48 | |
| Macromedia Flash Player | >=11.5<11.5.502.135 | |
| Microsoft Windows Operating System | ||
| Macromedia Flash Player | >=11.2<11.2.202.258 | |
| Linux Kernel | ||
| Macromedia Flash Player | >=11.1<11.1.111.29 | |
| Android | >=2.0<=2.3.7 | |
| Android | >=3.0<=3.2.6 | |
| Macromedia Flash Player | >=11.1<11.1.115.34 | |
| Android | >=4.0<=4.4.4 | |
| Adobe | <3.5.0.880 | |
| Macromedia Flash Player | >=11.5<11.5.502.136 | |
| Apple iOS and macOS | ||
| Adobe | <3.5.0.890 | |
| Adobe AIR | <3.5.0.880 | |
| Adobe AIR | <3.5.0.890 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-5676?
CVE-2012-5676 is rated as a high-severity vulnerability due to its potential for causing buffer overflow and leading to remote code execution.
How do I fix CVE-2012-5676?
To fix CVE-2012-5676, update Adobe Flash Player to version 10.3.183.48 or later for Windows and to version 11.5.502.135 or later for Mac OS X.
What platforms are affected by CVE-2012-5676?
CVE-2012-5676 affects multiple platforms including Windows, Mac OS X, Linux, and Android operating systems.
Are there any specific Adobe Flash Player versions that are susceptible to CVE-2012-5676?
Yes, Adobe Flash Player versions before 10.3.183.48 and 11.x before 11.5.502.135 are susceptible to CVE-2012-5676.
Can CVE-2012-5676 be exploited remotely?
Yes, CVE-2012-5676 can be exploited remotely, allowing attackers to execute arbitrary code on the affected systems.
- agent/type
- agent/remedy
- agent/severity
- agent/references
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/macromedia flash player
- version/macromedia flash player/10.3
- version/macromedia flash player/11.5
- vendor/microsoft
- canonical/microsoft windows operating system
- version/macromedia flash player/11.2
- vendor/linux
- canonical/linux kernel
- version/macromedia flash player/11.1
- vendor/google
- canonical/android
- version/android/2.0
- version/android/2.3.7
- version/android/3.0
- version/android/3.2.6
- version/android/4.0
- version/android/4.4.4
- canonical/adobe
- vendor/apple
- canonical/apple ios and macos
- canonical/adobe air