CVE-2012-0725 — HIGH (9.3) — White Hats Nepal

Q: How severe is CVE-2012-0725?

CVE-2012-0725 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2012-0725?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Google Chrome, Apple Macos, Linux Linux Kernel, Microsoft Windows.

Vulnerability Description

Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0724.

CVSS Score

9.3

HIGH

AV:N/AC:M/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Adobe	Flash Player	< 11.2.202.229
Google	Chrome	< 18.0.1025.151
Apple	Macos	-
Linux	Linux Kernel	-
Microsoft	Windows	-
Oracle	Solaris	-
Google	Android	-
Adobe	Air	< 3.2.0.2070

Related Weaknesses (CWE)

CWE-119

References

http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-updatesVendor Advisory
http://secunia.com/advisories/48732Third Party Advisory
http://www.adobe.com/support/security/bulletins/apsb12-07.htmlVendor Advisory
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cerThird Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/74639Third Party Advisory
http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-updatesVendor Advisory
http://secunia.com/advisories/48732Third Party Advisory
http://www.adobe.com/support/security/bulletins/apsb12-07.htmlVendor Advisory
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cerThird Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory

FAQ

What is CVE-2012-0725?

CVE-2012-0725 is a vulnerability with a CVSS score of 9.3 (HIGH). Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vect...

How severe is CVE-2012-0725?

CVE-2012-0725 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-0725?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Flash Player, Google Chrome, Apple Macos, Linux Linux Kernel, Microsoft Windows.