Bug 848180 - (CVE-2012-1535) CVE-2012-1535 flash-plugin: code execution flaw (APSB12-18)
CVE-2012-1535 flash-plugin: code execution flaw (APSB12-18)
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
urgent Severity urgent
: ---
: ---
Assigned To: Red Hat Product Security
impact=critical,public=20120814,repor...
: Security
Depends On: 848191 848192 848634 848635
Blocks: 848181
  Show dependency treegraph
 
Reported: 2012-08-14 16:30 EDT by Vincent Danen
Modified: 2015-11-24 10:09 EST (History)
6 users (show)

See Also:
Fixed In Version: flash-plugin 11.2.202.238
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-08-25 12:18:51 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Vincent Danen 2012-08-14 16:30:30 EDT
Adobe security bulletin APSB12-18 describes one security flaw that could cause Adobe Flash Player to crash and potentially allow an attacker to take control of the affected system:

Adobe has released security updates for Adobe Flash Player 11.3.300.270 and earlier versions for Windows, Macintosh and Linux. These updates address a vulnerability (CVE-2012-1535) that could cause the application to crash and potentially allow an attacker to take control of the affected system.

There are reports that the vulnerability is being exploited in the wild in limited targeted attacks, distributed through a malicious Word document. The exploit targets the ActiveX version of Flash Player for Internet Explorer on Windows.


External Reference:

http://www.adobe.com/support/security/bulletins/apsb12-18.html
Comment 2 Vincent Danen 2012-08-14 17:09:18 EDT
The Linux version that fixes this flaw is 11.2.202.238.
Comment 3 errata-xmlrpc 2012-08-15 15:27:47 EDT
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2012:1173 https://rhn.redhat.com/errata/RHSA-2012-1173.html
Comment 6 errata-xmlrpc 2012-08-23 12:29:15 EDT
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 5

Via RHSA-2012:1203 https://rhn.redhat.com/errata/RHSA-2012-1203.html

Note You need to log in before you can comment on or make changes to this bug.