Unrated severityNVD Advisory· Published Nov 13, 2012· Updated Apr 29, 2026

CVE-2012-5285

Description

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22.

Affected products

Adobe Inc./Air2 versions
cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*range: <3.4.0.2710
- (no CPE)range: <3.4.0.2710
Adobe Inc./Air Sdk
cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*
Range: <3.4.0.2710
Adobe Inc./Flashplayer
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
Range: >=10.3,<10.3.183.29
Adobe Inc./Flash Playerllm-fuzzy
Range: <10.3.183.29, >=11.0 <11.4.402.287 (Windows/Mac); <10.3.183.29, >=11.0 <11.2.202.243 (Linux); <11.1.111.19 (Android 2.x/3.x); <11.1.115.20 (Android 4.x)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.adobe.com/support/security/bulletins/apsb12-22.htmlnvdPatchVendor Advisory
www.securityfocus.com/bid/56374nvdThird Party AdvisoryVDB Entry
exchange.xforce.ibmcloud.com/vulnerabilities/79770nvdThird Party AdvisoryVDB Entry
osvdb.org/86874nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000