CVE-2012-2040

Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows local users to gain privileges via a Trojan horse executable file in an unspecified directory.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
cpe:2.3:o:google:android:*:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
cpe:2.3:o:google:android:*:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*

History

21 Nov 2024, 01:38

Type Values Removed Values Added
References () http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html - Mailing List, Third Party Advisory () http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html - Mailing List, Third Party Advisory
References () http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html - Mailing List, Third Party Advisory () http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html - Mailing List, Third Party Advisory
References () http://www.adobe.com/support/security/bulletins/apsb12-14.html - Vendor Advisory () http://www.adobe.com/support/security/bulletins/apsb12-14.html - Vendor Advisory

Information

Published : 2012-06-09 00:55

Updated : 2024-11-21 01:38


NVD link : CVE-2012-2040

Mitre link : CVE-2012-2040

CVE.ORG link : CVE-2012-2040


JSON object : View

Products Affected

apple

  • macos

opensuse

  • opensuse

suse

  • linux_enterprise_desktop

adobe

  • air
  • flash_player

linux

  • linux_kernel

microsoft

  • windows

google

  • android
CWE
CWE-426

Untrusted Search Path