返回 CVE 浏览器

CVE-2012-0767

Known Exploited (CISA KEV)MEDIUM

6.1

CVSS Severity Score

EPSS Score84.0780%

EPSS Percentile96.70th

Published2012年2月16日

Last Modified2026年4月21日

Vulnerability Description

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)," as exploited in the wild in February 2012.

Affected Platforms (CPE)

📦

Adobe

Flash Player

< 10.3.183.15

📦

Adobe

Flash Player

>= 11.0 and < 11.1.102.62

📦

Adobe

Flash Player

< 11.1.111.6

📦

Adobe

Flash Player

< 11.1.115.6

References & Advisories

🔗 http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html

🔗 http://rhn.redhat.com/errata/RHSA-2012-0144.html

🔗 http://secunia.com/advisories/48265

🔗 http://secunia.com/advisories/48819

🔗 http://security.gentoo.org/glsa/glsa-201204-07.xml

🔗 http://www.adobe.com/support/security/bulletins/apsb12-03.html

🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14806

🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15933

相关漏洞威胁

CVE-2012-525510.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...

CVE-2012-525610.0

Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11....

CVE-2012-525410.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...

CVE-2012-525710.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...