← Back to CVEs
CVE-2012-0767
MEDIUMCISA KEV6.1
Description
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)," as exploited in the wild in February 2012.
CVE Details
CVSS v3.1 Score6.1
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionREQUIRED
Published2/16/2012
Last Modified4/21/2026
Sourcekev
Honeypot Sightings0
CISA KEV
VendorAdobe
ProductFlash Player
Vulnerability NameAdobe Flash Player Cross-Site Scripting (XSS) Vulnerability
KEV Date Added2022-06-08
Remediation Due Date2022-06-22
Ransomware UseUnknown
Affected Products
adobe:flash_playerapple:mac_os_xgoogle:androidlinux:linux_kernelmicrosoft:windowsoracle:solaris
Weaknesses (CWE)
CWE-79CWE-79
References
http://rhn.redhat.com/errata/RHSA-2012-0144.html(psirt@adobe.com)
http://secunia.com/advisories/48265(psirt@adobe.com)
http://secunia.com/advisories/48819(psirt@adobe.com)
http://security.gentoo.org/glsa/glsa-201204-07.xml(psirt@adobe.com)
http://www.adobe.com/support/security/bulletins/apsb12-03.html(psirt@adobe.com)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14806(psirt@adobe.com)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15933(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2012-0144.html(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/48265(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/48819(af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-201204-07.xml(af854a3a-2127-422b-91ae-364da2661108)
http://www.adobe.com/support/security/bulletins/apsb12-03.html(af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14806(af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15933(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-0767(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.