CVE-2012-5054
published 2012-09-24

CVE-2012-5054: Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code…

Priority: P1, 80 (high)
CVSS 3.1: 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
KEV: listed in the CISA Known Exploited Vulnerabilities catalog, due 2022-06-22
ITW: exploited in the wild
EPSS: 21.19% (97.3th percentile)
Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments.

Affected (1 range)

Vendor   Product        Version range     Fixed in
adobe    flash_player   < 11.4.402.265    11.4.402.265

Detection & IOCs (extracted from sources)

URL: http://packetstormsecurity.org/files/116435/Adobe-Flash-Player-Matrix3D-Integer-Overflow-Code-Execution.html
URL: http://www.adobe.com/support/security/bulletins/apsb12-19.html
  • The vulnerable code is the copyRawDataTo method of the Matrix3D class in Adobe Flash Player; exploitation involves passing malformed (integer-overflow-triggering) arguments to this method.
  • On Linux, the vulnerable version range is Flash Player 11.2.202.236 and earlier; the patched version is 11.2.202.238. Flag any Linux hosts running Flash Player <= 11.2.202.236.
  • Any Adobe Flash Player installation older than version 11.4.402.265 (Windows/Mac) should be treated as vulnerable and flagged for immediate action or disconnection.
  • Adobe Flash Player is end-of-life; CISA mandates disconnection of any remaining deployments rather than patching.
  • The fixed version threshold differs by platform: Windows/Mac require >= 11.4.402.265, while Linux requires >= 11.2.202.238. Detection rules must account for both version branches.

CVSS provenance

Source          Version   Score   Severity    Vector
nvd             v3.1      8.8     HIGH        CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvd             v2.0      9.3     CRITICAL    AV:N/AC:M/Au:N/C:C/I:C/A:C
vulncheck       -         8.8     HIGH
cisa            -         8.8     HIGH
vendor_redhat   -         8.8     HIGH