CVE-2012-4168
published 2012-08-21CVE-2012-4168: Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before…
medium4.3CVSS 3.1
AVNACMAuNCPINAN
Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow remote attackers to read content from a different domain via a crafted web site.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | air | < 3.4.0.2540 | 3.4.0.2540 |
| adobe | air_sdk | < 3.4.0.2540 | 3.4.0.2540 |
| adobe | flash_player | >= 10.3 < 10.3.183.23 | 10.3.183.23 |
| adobe | flash_player | >= 11.1 < 11.1.111.16 | 11.1.111.16 |
| adobe | flash_player | >= 11.1 < 11.1.115.17 | 11.1.115.17 |
| adobe | flash_player | >= 11.2 < 11.2.202.238 | 11.2.202.238 |
| adobe | flash_player | >= 11.4 < 11.4.402.265 | 11.4.402.265 |
GHSA
GHSA-g7fv-ffv7-x9gv: Adobe Flash Player before 10
ghsa_unreviewed·2022-05-14
CVE-2012-4168 [MEDIUM] CWE-200 GHSA-g7fv-ffv7-x9gv: Adobe Flash Player before 10
Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow remote attackers to read content from a different domain via a crafted web site.
Red Hat
flash-plugin: cross-domain information leak flaw (APSB12-19)
vendor_redhat·2012-08-21·CVSS 4.3
CVE-2012-4168 [MEDIUM] flash-plugin: cross-domain information leak flaw (APSB12-19)
flash-plugin: cross-domain information leak flaw (APSB12-19)
Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow remote attackers to read content from a different domain via a crafted web site.
No detection rules found.
No public exploits indexed.
http://marc.info/?l=bugtraq&m=139455789818399&w=2http://rhn.redhat.com/errata/RHSA-2012-1203.htmlhttp://security.gentoo.org/glsa/glsa-201209-01.xmlhttp://www.adobe.com/support/security/bulletins/apsb12-19.htmlhttp://marc.info/?l=bugtraq&m=139455789818399&w=2http://rhn.redhat.com/errata/RHSA-2012-1203.htmlhttp://security.gentoo.org/glsa/glsa-201209-01.xmlhttp://www.adobe.com/support/security/bulletins/apsb12-19.html
2012-08-21
Published