⚠ Actively exploited
Added to CISA KEV on 2022-06-08. Federal agencies required to patch by 2022-06-22. Required action: The impacted product is end-of-life and should be disconnected if still in use.

CVE-2012-0754: Out-of-bounds Write in Adobe Flash Player

Severity: 8.1 HIGH (NVD)
EPSS: 91.5% (top 0.32%)
CISA KEV: Added 2022-06-08, due 2022-06-22
Exploit: Exploited in the wild (active exploitation observed)
Timeline: Published Feb 16, KEV added Jun 8, KEV due Jun 22

Description

Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.2 | Impact: 5.9

Affected Packages (1 package)

NVD | adobe/flash_player | 11.0 | 11.1.102.62 | +3

🔴 Vulnerability Details (2)

GHSA
GHSA-p5xj-3764-5mhh: Adobe Flash Player before 10 (2022-05-14)
VulnCheck
Adobe Flash Player Memory Corruption Vulnerability (2012)

💥 Exploits & PoCs (2)

Exploit-DB
Adobe Flash Player - '.mp4 cprt' Remote Overflow (Metasploit) (2012-03-08)
Metasploit
Adobe Flash Player MP4 'cprt' Overflow

🔍 Detection Rules (1)

Suricata
ET MALWARE Yayih.A Checkin (2012-03-09)

📋 Vendor Advisories (2)

CISA
Adobe Flash Player Memory Corruption Vulnerability (2022-06-08)
Red Hat
flash-plugin: multiple code execution flaws (APSB12-03) (2012-02-15)

🕵️ Threat Intelligence (2)

Securelist
Investigation Report for the September 2014 Equation malware detection incident in the US (2017-11-16)
Securelist
Investigation Report for the September 2014 Equation malware detection incident in the US (2017-11-16)

💬 Community (1)

Bugzilla
CVE-2012-0752 CVE-2012-0753 CVE-2012-0754 CVE-2012-0755 CVE-2012-0756 flash-plugin: multiple code execution flaws (APSB12-03) (2012-02-16)