CVE-2012-1535

Publication date 15 August 2012

Last updated 25 August 2025

Ubuntu priority

Medium

Why this priority?

Cvss 3 Severity Score

7.8 · High

Score breakdown

Description

Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted SWF content, as exploited in the wild in August 2012 with SWF content in a Word document.

Status

Package Ubuntu Release Status
adobe-flashplugin 12.04 LTS precise
Fixed 11.2.202.238-0precise1
11.10 oneiric
Fixed 11.2.202.238-0oneiric1
11.04 natty
Fixed 11.2.202.238-0natty1
10.04 LTS lucid
Fixed 11.2.202.238-0lucid1
8.04 LTS hardy Ignored end of life
flashplugin-nonfree 12.04 LTS precise
Fixed 11.2.202.238ubuntu0.12.04.1
11.10 oneiric
Fixed 11.2.202.238ubuntu0.11.10.1
11.04 natty
Fixed 11.2.202.238ubuntu0.11.04.1
10.04 LTS lucid
Fixed 11.2.202.238ubuntu0.10.04.1
8.04 LTS hardy Ignored end of life

Severity score breakdown

Parameter Value
Base score 7.8 · High
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Scope Unchanged
Confidentiality High
Integrity impact High
Availability impact High
Vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

Other references