Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2012-4164

Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4163 and CVE-2012-4165.

Published

2012-08-21T23:55:01.310

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 10.0 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

10.0

Impact Score

10.0

Weaknesses
  • Type: Primary
    CWE-119
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application adobe flash_player < 10.3.183.23 Yes
Application adobe flash_player < 11.4.402.265 Yes
Operating System apple mac_os_x - No
Operating System microsoft windows - No
Application adobe flash_player < 10.3.183.23 Yes
Application adobe flash_player < 11.2.202.238 Yes
Operating System linux linux_kernel - No
Application adobe flash_player < 11.1.111.16 Yes
Operating System google android ≤ 2.3.7 No
Operating System google android ≤ 3.2.6 No
Application adobe flash_player < 11.1.115.17 Yes
Operating System google android ≤ 4.4.4 No
Application adobe air < 3.4.0.2540 Yes
Application adobe air_sdk < 3.4.0.2540 Yes
References