VIR Vulnerability Intelligence Relay

CVE-2012-4172

critical
Published 2012-10-23 · Modified 2026-04-29
CVSS v3
CVSS v2
10.0
VIR risk
10.0

Description

Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4173, CVE-2012-4174, CVE-2012-4175, and CVE-2012-5273.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@adobe.com — http://www.adobe.com/support/security/bulletins/apsb12-23.html

Application impact
VendorProductVersionsFixed
adobeshockwave_player{"endIncluding":"11.6.7.637"}
adobeshockwave_player1.0
adobeshockwave_player2.0
adobeshockwave_player3.0
adobeshockwave_player4.0
adobeshockwave_player5.0
adobeshockwave_player6.0
adobeshockwave_player8.0
adobeshockwave_player8.0.196
adobeshockwave_player8.0.196a
adobeshockwave_player8.0.204
adobeshockwave_player8.0.205
adobeshockwave_player8.5.1
adobeshockwave_player8.5.1.100
adobeshockwave_player8.5.1.103
adobeshockwave_player8.5.1.105
adobeshockwave_player8.5.1.106
adobeshockwave_player8.5.321
adobeshockwave_player8.5.323
adobeshockwave_player8.5.324
adobeshockwave_player8.5.325
adobeshockwave_player9.0.383
adobeshockwave_player9.0.432
adobeshockwave_player10.0.0.210
adobeshockwave_player10.0.1.004
adobeshockwave_player10.1.0.11
adobeshockwave_player10.1.0.011
adobeshockwave_player10.1.1.016
adobeshockwave_player10.1.4.020
adobeshockwave_player10.2.0.021
adobeshockwave_player10.2.0.022
adobeshockwave_player10.2.0.023
adobeshockwave_player11.0.0.456
adobeshockwave_player11.0.3.471
adobeshockwave_player11.5.0.595
adobeshockwave_player11.5.0.596
adobeshockwave_player11.5.1.601
adobeshockwave_player11.5.2.602
adobeshockwave_player11.5.6.606
adobeshockwave_player11.5.7.609
adobeshockwave_player11.5.8.612
adobeshockwave_player11.5.9.615
adobeshockwave_player11.5.9.620
adobeshockwave_player11.5.10.620
adobeshockwave_player11.6.0.626
adobeshockwave_player11.6.1.629
adobeshockwave_player11.6.3.633
adobeshockwave_player11.6.4.634
adobeshockwave_player11.6.5.635
adobeshockwave_player11.6.6.636

References

CWEs

CWE-119

Verify integrity in audit chain (admin only). AS-IS.