← Volver a CVEs

CVE-2012-0767

MEDIUMCISA KEV

6.1

Descripcion

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)," as exploited in the wild in February 2012.

Detalles CVE

Puntuacion CVSS v3.16.1

SeveridadMEDIUM

Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Vector de ataqueNETWORK

ComplejidadLOW

Privilegios requeridosNONE

Interaccion usuarioREQUIRED

Publicado2/16/2012

Ultima modificacion4/21/2026

Fuentekev

Avistamientos honeypot0

CISA KEV

VendedorAdobe

ProductoFlash Player

Nombre vulnerabilidadAdobe Flash Player Cross-Site Scripting (XSS) Vulnerability

Fecha inclusion KEV2022-06-08

Fecha limite remediacion2022-06-22

Uso en ransomwareUnknown

Productos afectados

adobe:flash_playerapple:mac_os_xgoogle:androidlinux:linux_kernelmicrosoft:windowsoracle:solaris

Debilidades (CWE)

CWE-79CWE-79

Referencias

http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html(psirt@adobe.com)

http://rhn.redhat.com/errata/RHSA-2012-0144.html(psirt@adobe.com)

http://secunia.com/advisories/48265(psirt@adobe.com)

http://secunia.com/advisories/48819(psirt@adobe.com)

http://security.gentoo.org/glsa/glsa-201204-07.xml(psirt@adobe.com)

http://www.adobe.com/support/security/bulletins/apsb12-03.html(psirt@adobe.com)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14806(psirt@adobe.com)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15933(psirt@adobe.com)

http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html(af854a3a-2127-422b-91ae-364da2661108)

http://rhn.redhat.com/errata/RHSA-2012-0144.html(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/48265(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/48819(af854a3a-2127-422b-91ae-364da2661108)

http://security.gentoo.org/glsa/glsa-201204-07.xml(af854a3a-2127-422b-91ae-364da2661108)

http://www.adobe.com/support/security/bulletins/apsb12-03.html(af854a3a-2127-422b-91ae-364da2661108)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14806(af854a3a-2127-422b-91ae-364da2661108)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15933(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-0767(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.