Vulnerability Details : CVE-2012-1535
Public exploit exists!
Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted SWF content, as exploited in the wild in August 2012 with SWF content in a Word document.
Vulnerability category: Execute codeDenial of service
CVE-2012-1535 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Adobe Flash Player Arbitrary Code Execution Vulnerability
CISA required action:
The impacted product is end-of-life and should be disconnected if still in use.
CISA description:
Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute arbitrary code or cause a denial of service via crafted SWF content.
Added on
2022-03-03
Action due date
2022-03-24
Exploit prediction scoring system (EPSS) score for CVE-2012-1535
Probability of exploitation activity in the next 30 days: 93.75%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2012-1535
-
Adobe Flash Player 11.3 Kern Table Parsing Integer Overflow
Disclosure Date: 2012-08-09First seen: 2020-04-26exploit/windows/browser/adobe_flash_otf_fontThis module exploits a vulnerability found in the ActiveX component of Adobe Flash Player before 11.3.300.271. By supplying a specially crafted .otf font file with a large nTables value in the 'kern' header, it is possible to trigger an integer overflow, which resu
CVSS scores for CVE-2012-1535
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2012-1535
-
http://security.gentoo.org/glsa/glsa-201209-01.xml
Adobe Flash Player: Multiple vulnerabilities (GLSA 201209-01) — Gentoo security
-
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00010.html
[security-announce] openSUSE-SU-2012:0996-1: critical: flash-player to 1
-
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00012.html
[security-announce] SUSE-SU-2012:1001-2: important: Security update for
-
http://www.adobe.com/support/security/bulletins/apsb12-18.html
Adobe - Security Bulletins: APSB12-18 - Security update available for Adobe Flash PlayerPatch;Vendor Advisory
-
http://rhn.redhat.com/errata/RHSA-2012-1203.html
RHSA-2012:1203 - Security Advisory - Red Hat Customer Portal
-
http://marc.info/?l=bugtraq&m=139455789818399&w=2
'[security bulletin] HPSBMU02948 rev.1 - HP Systems Insight Manager (SIM) Running on Linux and Window' - MARC
Products affected by CVE-2012-1535
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*When used together with: Linux » Linux Kernel
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.24.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.28:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.20:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.25:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.18d60:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.31:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.28.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.20.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.31.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.47.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.48.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.63:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.69.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.70.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.34.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.112.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.155.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.45.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.35.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.39.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.114.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.124.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.115.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.12.10:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.0.584:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.159.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.22.87:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.125.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.12.36:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.125.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.260.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.246.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.262.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.152.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.151.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.42.34:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.15.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.32.18:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.14.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.68.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.67.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.73.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.42.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.53.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.60.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.33.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.61.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.66.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.19.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:7.0.24.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:6.0.79:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:8.0.22.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.52.15:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.52.14.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.45.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:6.0.21.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.82.76:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.92.10:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.53.64:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.85.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.95.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.95.2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.92.8:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.102.64:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.277.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.283.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.2.152.32:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.2.152.33:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.2.154.13:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.2.154.25:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.2.152:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.2.156.12:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.105.6:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.106.16:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.181.14:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.2.153.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.2.159.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.2.157.51:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.181.16:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.181.34:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.181.23:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.183.5:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.186.3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.1.102.55:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:5:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:4:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.183.10:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.183.7:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.280:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:3:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:2:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.2.152.26:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.181.26:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.181.22:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:6:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.0.1.152:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.0.1.153:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.183.11:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.1.102.62:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.183.15:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.1.102.63:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.1.102.59:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.1.111.8:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.183.19:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.185.22:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.186.6:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.183.16:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.228:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.235:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.186.7:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.2.202.233:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:11.1.115.7:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.0.2.54:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.52.14:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.183.18:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:9.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.3.185.24:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:10.1.106.17:*:*:*:*:*:*:*