Medium severity6.1CISA KEVNVD Advisory· Published Feb 16, 2012· Updated Jun 16, 2026
CVE-2012-0767
CVE-2012-0767
Description
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)," as exploited in the wild in February 2012.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*range: <10.3.183.15
- (no CPE)range: <10.3.183.15, <11.1.102.62
Patches
Vulnerability mechanics
References
9- www.adobe.com/support/security/bulletins/apsb12-03.htmlnvdBroken LinkPatchVendor Advisory
- rhn.redhat.com/errata/RHSA-2012-0144.htmlnvdThird Party Advisory
- security.gentoo.org/glsa/glsa-201204-07.xmlnvdThird Party Advisory
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14806nvdThird Party Advisory
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15933nvdThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.htmlnvdBroken Link
- secunia.com/advisories/48265nvdBroken Link
- secunia.com/advisories/48819nvdBroken Link
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.