CVE-2012-5678: Buffer Overflow
First published: Wed Dec 12 2012(Updated: )
Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; Adobe AIR before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X; and Adobe AIR SDK before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Macromedia Flash Player | >=10.3<10.3.183.48 | |
| Macromedia Flash Player | >=11.5<11.5.502.135 | |
| Microsoft Windows | ||
| Macromedia Flash Player | >=11.2<11.2.202.258 | |
| Linux Kernel | ||
| Macromedia Flash Player | >=11.1<11.1.111.29 | |
| Android | >=2.0<=2.3.7 | |
| Android | >=3.0<=3.2.6 | |
| Macromedia Flash Player | >=11.1<11.1.115.34 | |
| Android | >=4.0<=4.4.4 | |
| Adobe | <3.5.0.880 | |
| Macromedia Flash Player | >=11.5<11.5.502.136 | |
| Apple iOS and macOS | ||
| Adobe | <3.5.0.890 | |
| Adobe AIR | <3.5.0.880 | |
| Adobe AIR | <3.5.0.890 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-5678?
CVE-2012-5678 has been classified as critical due to its potential for exploitation via remote code execution.
How do I fix CVE-2012-5678?
To fix CVE-2012-5678, upgrade Adobe Flash Player to version 10.3.183.48 or later, or 11.x to version 11.5.502.135 or later.
Which versions of Adobe Flash Player are affected by CVE-2012-5678?
Affected versions include Adobe Flash Player before 10.3.183.48 for Windows and 11.x before 11.5.502.135 on multiple platforms.
Are there any workarounds for CVE-2012-5678?
Disabling or uninstalling Adobe Flash Player can serve as a temporary workaround until an update is applied.
What platforms are impacted by CVE-2012-5678?
CVE-2012-5678 affects Windows, macOS, Linux, and Android platforms running specific versions of Adobe Flash Player.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/remedy
- agent/author
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/macromedia flash player
- version/macromedia flash player/10.3
- version/macromedia flash player/11.5
- vendor/microsoft
- canonical/microsoft windows
- version/macromedia flash player/11.2
- vendor/linux
- canonical/linux kernel
- version/macromedia flash player/11.1
- vendor/google
- canonical/android
- version/android/2.0
- version/android/2.3.7
- version/android/3.0
- version/android/3.2.6
- version/android/4.0
- version/android/4.4.4
- canonical/adobe
- vendor/apple
- canonical/apple ios and macos
- canonical/adobe air