Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows local users to gain privileges via a Trojan horse executable file in an unspecified directory.
2012-06-09T00:55:01.253
2025-04-11T00:51:21.963
Deferred
CVSSv2: 9.3 (HIGH)
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | adobe | flash_player | ≤ 11.2.202.235 | Yes |
| Operating System | apple | macos | - | No |
| Operating System | linux | linux_kernel | - | No |
| Operating System | microsoft | windows | - | No |
| Application | adobe | flash_player | ≤ 11.1.115.8 | Yes |
| Operating System | android | ≤ 4.4.4 | No | |
| Application | adobe | flash_player | ≤ 11.1.111.9 | Yes |
| Operating System | android | ≤ 3.2.6 | No | |
| Application | adobe | air | ≤ 3.2.0.2070 | Yes |
| Operating System | apple | macos | - | No |
| Operating System | android | - | No | |
| Operating System | microsoft | windows | - | No |
| Operating System | opensuse | opensuse | 11.4 | Yes |
| Operating System | opensuse | opensuse | 12.1 | Yes |
| Operating System | suse | linux_enterprise_desktop | 10 | Yes |
| Operating System | suse | linux_enterprise_desktop | 11 | Yes |
| Operating System | suse | linux_enterprise_desktop | 11 | Yes |