nvd-json-data-feeds/CVE-2012/CVE-2012-20xx/CVE-2012-2040.json

{
  "id": "CVE-2012-2040",
  "sourceIdentifier": "psirt@adobe.com",
  "published": "2012-06-09T00:55:01.253",
  "lastModified": "2021-09-08T17:19:28.820",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows local users to gain privileges via a Trojan horse executable file in an unspecified directory."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de path de b\u00fasqueda no seguro en el instalador de Adobe Flash Player anteriores a v10.3.183.20 y 11.x anteriores a v11.3.300.257 en Windows y Mac OS X; anteriores a v10.3.183.20 y 11.x anteriores a v11.2.202.236 en Linux; anteriores a v11.1.111.10 en Android v2.x y v3.x; y anteriores a vv11.1.115.9 en Android v4.x, y Adobe AIR anteriores a v3.3.0.3610, permite a usuarios locales obtener privilegios a trav\u00e9s de un programa troyano en un fichero no especificado."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-426"
        }
      ]
    }
  ],
  "configurations": [
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "11.2.202.235",
              "matchCriteriaId": "672F3490-4072-4110-9CDD-0D6CB2379AF3"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "11.1.115.8",
              "matchCriteriaId": "F4EE60C5-C066-4268-A90D-86BB3862A2A0"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "4.0",
              "versionEndIncluding": "4.4.4",
              "matchCriteriaId": "539FC1E0-6987-48EE-8FE9-7A27D4C3B69A"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "11.1.111.9",
              "matchCriteriaId": "A6AA2009-E921-4F32-AB61-07CAE2C6B93F"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "2.0",
              "versionEndIncluding": "3.2.6",
              "matchCriteriaId": "1C031663-1513-4A3C-A398-2179893416A8"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "3.2.0.2070",
              "matchCriteriaId": "EFF9FCBD-A543-48CF-8332-27154B491C5C"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
            },
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
            }
          ]
        }
      ]
    },
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBB2C482-D2A4-48B3-ACE7-E1DFDCC409B5"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "F0545634-EC4A-48E8-AB3D-49802FB11758"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "60FBDD82-691C-4D9D-B71B-F9AFF6931B53"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "00720D8C-3FF3-4B1C-B74B-91F01A544399"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html",
      "source": "psirt@adobe.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html",
      "source": "psirt@adobe.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ]
    },
    {
      "url": "http://www.adobe.com/support/security/bulletins/apsb12-14.html",
      "source": "psirt@adobe.com",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}