CVE-2012-2040

Severity

72%

Complexity

39%

Confidentiality

165%

http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'

Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows local users to gain privileges via a Trojan horse executable file in an unspecified directory.

http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'

CVSS 2.0 Base Score 7.2. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C).

Overview

Type

Adobe

First reported 12 years ago

2012-06-09 00:55:00

Last updated 7 years ago

2018-01-05 02:29:00

Affected Software

Adobe Adobe Integrated Runtime (AIR) 1.0

1.0

Adobe Adobe Integrated Runtime 1.0.1

1.0.1

Adobe Integrated Runtime (AIR) 1.0.8.4990

1.0.8.4990

Adobe Integrated Runtime (AIR) 1.0.4990

1.0.4990

Adobe Adobe Integrated Runtime (AIR) 1.1

1.1

Adobe Integrated Runtime (AIR) 1.1.0.5790

1.1.0.5790

Adobe Adobe Integrated Runtime (AIR) 1.5

1.5

Adobe Integrated Runtime (AIR) 1.5.0.7220

1.5.0.7220

Adobe Adobe Integrated Runtime 1.5.1

1.5.1

Adobe Integrated Runtime (AIR) 1.5.1.8210

1.5.1.8210

Adobe Adobe Integrated Runtime (AIR) 1.5.2

1.5.2

Adobe Adobe Integrated Runtime (AIR) 1.5.3

1.5.3

Adobe Adobe Integrated Runtime (AIR) 1.5.3.9120

1.5.3.9120

Adobe Integrated Runtime (AIR) 1.5.3.9130

1.5.3.9130

Adobe Adobe Integrated Runtime (AIR) 2.0.2

2.0.2

Adobe Integrated Runtime (AIR) 2.0.2.12610

2.0.2.12610

Adobe Adobe Integrated Runtime (AIR) 2.0.3

2.0.3

Adobe Adobe Integrated Runtime (AIR) 2.0.3.13070

2.0.3.13070

Adobe Adobe Integrated Runtime (AIR) 2.0.4

2.0.4

Adobe Integrated Runtime (AIR) 2.5.0.16600

2.5.0.16600

Adobe Integrated Runtime (AIR) 2.5.1.17730

2.5.1.17730

Adobe Adobe Integrated Runtime 2.6

2.6

Adobe Integrated Runtime (AIR) 2.6.0.19120

2.6.0.19120

Adobe Integrated Runtime (AIR) 2.6.0.19140

2.6.0.19140

Adobe Adobe Integrated Runtime 2.7

2.7

Adobe Adobe Integrated Runtime 2.7.0.1948

2.7.0.1948

Adobe Adobe Integrated Runtime 2.7.0.1953

2.7.0.1953

Adobe Integrated Runtime (AIR) 2.7.0.19480

2.7.0.19480

Adobe Integrated Runtime (AIR) 2.7.0.19530

2.7.0.19530

Adobe Adobe Integrated Runtime 2.7.1

2.7.1

Adobe Adobe Integrated Runtime (AIR) 2.7.1.19610

2.7.1.19610

Adobe Adobe Integrated Runtime 3.0.0.408

3.0.0.408

Adobe Integrated Runtime (AIR) 3.0.0.4080

3.0.0.4080

Adobe Adobe Integrated Runtime 3.1.0.485

3.1.0.485

Adobe Adobe Integrated Runtime 3.1.0.488

3.1.0.488

Adobe Integrated Runtime (AIR) 3.1.0.4880

3.1.0.4880

Adobe Adobe Integrated Runtime (AIR)

Adobe Adobe Integrated Runtime 3.2.0.2070

3.2.0.2070

References

openSUSE-SU-2012:0723

SUSE-SU-2012:0724

http://www.adobe.com/support/security/bulletins/apsb12-14.html

Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.