CVE-2012-2040 : Detail

CVE-2012-2040

A08-Soft and Data Integrity Fail
0.1%V3
Network
2012-06-08
22h00 +00:00
2018-01-04
19h57 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows local users to gain privileges via a Trojan horse executable file in an unspecified directory.

CVE Informations

Related Weaknesses

CWE-ID Weakness Name Source
CWE-426 Untrusted Search Path
The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

Metrics

Metrics Score Severity CVSS Vector Source
V2 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C [email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Products Mentioned

Configuraton 0

Adobe>>Flash_player >> Version To (including) 11.2.202.235

Apple>>Macos >> Version -

Linux>>Linux_kernel >> Version -

Microsoft>>Windows >> Version -

Configuraton 0

Adobe>>Flash_player >> Version To (including) 11.1.115.8

Google>>Android >> Version From (including) 4.0 To (including) 4.4.4

Configuraton 0

Adobe>>Flash_player >> Version To (including) 11.1.111.9

Google>>Android >> Version From (including) 2.0 To (including) 3.2.6

Configuraton 0

Adobe>>Air >> Version To (including) 3.2.0.2070

Apple>>Macos >> Version -

Google>>Android >> Version -

Microsoft>>Windows >> Version -

Configuraton 0

Opensuse>>Opensuse >> Version 11.4

Opensuse>>Opensuse >> Version 12.1

Suse>>Linux_enterprise_desktop >> Version 10

Suse>>Linux_enterprise_desktop >> Version 11

Suse>>Linux_enterprise_desktop >> Version 11

References