{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-11-02T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01.000Z", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe"}, "references": [{"name": "86874", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/86874"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.adobe.com/support/security/bulletins/apsb12-22.html"}, {"name": "adobe-cve20125285-bo(79770)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79770"}, {"name": "56374", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/56374"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@adobe.com", "ID": "CVE-2012-5285", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "86874", "refsource": "OSVDB", "url": "http://osvdb.org/86874"}, {"name": "http://www.adobe.com/support/security/bulletins/apsb12-22.html", "refsource": "CONFIRM", "url": "http://www.adobe.com/support/security/bulletins/apsb12-22.html"}, {"name": "adobe-cve20125285-bo(79770)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79770"}, {"name": "56374", "refsource": "BID", "url": "http://www.securityfocus.com/bid/56374"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T20:58:03.630Z"}, "title": "CVE Program Container", "references": [{"name": "86874", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/86874"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.adobe.com/support/security/bulletins/apsb12-22.html"}, {"name": "adobe-cve20125285-bo(79770)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79770"}, {"name": "56374", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/56374"}]}]}, "cveMetadata": {"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2012-5285", "datePublished": "2012-11-13T11:00:00.000Z", "dateReserved": "2012-10-04T00:00:00.000Z", "dateUpdated": "2024-08-06T20:58:03.630Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "45371D1F-DC61-45D9-9266-902D34320539", "versionEndExcluding": "10.3.183.29", "versionStartIncluding": "10.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "07D63D89-C701-4C3A-82D6-311147F294AE", "versionEndExcluding": "11.4.402.287", "versionStartIncluding": "11.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "45371D1F-DC61-45D9-9266-902D34320539", "versionEndExcluding": "10.3.183.29", "versionStartIncluding": "10.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "B984A62D-AB6F-4945-B8D9-22CB34FACD39", "versionEndExcluding": "11.2.202.243", "versionStartIncluding": "11.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D54BA0C-36D9-4941-9684-0F0C787AD29D", "versionEndExcluding": "11.1.111.19", "versionStartIncluding": "11.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "matchCriteriaId": "1F3C0381-865A-4176-A291-988E12612161", "versionEndIncluding": "2.3.7", "versionStartIncluding": "2.0", "vulnerable": false}, {"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "matchCriteriaId": "EBEB1CC1-D410-4157-8BF3-8EB8BAC444DD", "versionEndIncluding": "3.2.6", "versionStartIncluding": "3.0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "matchCriteriaId": "2142754E-6396-49F7-84ED-871E40A8B4FE", "versionEndExcluding": "11.1.115.20", "versionStartIncluding": "11.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "matchCriteriaId": "539FC1E0-6987-48EE-8FE9-7A27D4C3B69A", "versionEndIncluding": "4.4.4", "versionStartIncluding": "4.0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD5EA22B-E649-4CB3-9239-0DD9FE67B76B", "versionEndExcluding": "3.4.0.2710", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "C13EE957-5C6D-494C-8207-F277AA1E7FD2", "versionEndExcluding": "3.4.0.2710", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en Adobe Flash Player anteriores a v10.3.183.29 y 11.x anteriores a v11.4.402.287 on Windows and Mac OS X, anteriores a v10.3.183.29 y v11.x anteriores a v11.2.202.243 en Linux, anteriores a v11.1.111.19 en Android v2.x y v3.x, y anteriores a v11.1.115.20 en Android v4.x; Adobe AIR anteriores a v3.4.0.2710; y Adobe AIR SDK anteriores a v3.4.0.2710 permite a atacantes ejecutar c\u00f3digo a trav\u00e9s de vectores no especificados, es una vulnerabilidad distinta a otros listados en APSB12-22."}], "id": "CVE-2012-5285", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-11-13T13:39:47.093", "references": [{"source": "psirt@adobe.com", "tags": ["Broken Link"], "url": "http://osvdb.org/86874"}, {"source": "psirt@adobe.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.adobe.com/support/security/bulletins/apsb12-22.html"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/56374"}, {"source": "psirt@adobe.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79770"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://osvdb.org/86874"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.adobe.com/support/security/bulletins/apsb12-22.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/56374"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79770"}], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2012:1346", "cpe": "cpe:/a:redhat:rhel_extras:5", "package": "flash-plugin-0:11.2.202.243-1.el5", "product_name": "Supplementary for Red Hat Enterprise Linux 5", "release_date": "2012-10-09T00:00:00Z"}, {"advisory": "RHSA-2012:1346", "cpe": "cpe:/a:redhat:rhel_extras:6", "package": "flash-plugin-0:11.2.202.243-1.el6", "product_name": "Supplementary for Red Hat Enterprise Linux 6", "release_date": "2012-10-09T00:00:00Z"}], "bugzilla": {"description": "flash-plugin: multiple code-execution flaws (APSB12-22)", "id": "864284", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=864284"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "details": ["Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22."], "name": "CVE-2012-5285", "public_date": "2012-10-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-5285\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-5285"], "threat_severity": "Critical"}

{}