CVE-2012-0725

Published: Apr 6, 2012Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0724.

Affected (6)

Products: Adobe: Flash Player, Air · Google: Chrome

2 products

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Adobe Flash Player	Before 11.2.202.229
Google Chrome	Before 18.0.1025.151

Configuration B

1 vulnerable · 3 platform

Vulnerable Software	Affected Versions
Adobe Flash Player	Before 11.2.202.228

Running on/with	Platform Versions
Apple Macos	All versions
Linux Linux Kernel	All versions
Microsoft Windows	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Adobe Flash Player	Before 11.2.202.223

Running on/with	Platform Versions
Oracle Solaris	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Adobe Flash Player	Before 11.1.111.8

Running on/with	Platform Versions
Google Android	All versions

Configuration E

1 vulnerable

Vulnerable Software	Affected Versions
Adobe Air	Before 3.2.0.2070

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (11)

http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-updates.html

Source: psirt@us.ibm.com

Vendor Advisory

http://secunia.com/advisories/48732

Source: psirt@us.ibm.com

Third Party Advisory

http://www.adobe.com/support/security/bulletins/apsb12-07.html

Source: psirt@us.ibm.com

Vendor Advisory

http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf

Source: psirt@us.ibm.com

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14628

Source: psirt@us.ibm.com

Third Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/74639

Source: nvd@nist.gov

Third Party Advisory

http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-updates.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/48732

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.adobe.com/support/security/bulletins/apsb12-07.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14628

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.