CVE-2012-0767 in Flash Playerinfo

Summary

by MITRE

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)," as exploited in the wild in February 2012.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Analysis

by VulDB Data Team • 04/22/2026

The CVE-2012-0767 vulnerability represents a critical cross-site scripting flaw in Adobe Flash Player that was actively exploited in February 2012, marking one of the earliest and most significant instances of universal cross-site scripting attacks. This vulnerability affected multiple operating systems including Windows, Mac OS X, Linux, and Solaris, with specific versions of Flash Player before 10.3.183.15 and 11.x before 11.1.102.62. Additionally, mobile platforms were impacted with versions before 11.1.111.6 on Android 2.x and 3.x, and before 11.1.115.6 on Android 4.x, demonstrating the widespread nature of this security flaw.

The technical nature of this vulnerability stems from improper input validation within the Flash Player's handling of web content, creating a universal cross-site scripting condition that allowed attackers to inject malicious scripts or HTML code into web pages. This flaw was particularly dangerous because it operated across different platforms and browsers, making it exceptionally difficult to defend against through traditional browser-based security measures. The vulnerability was categorized under CWE-79 as a Cross-site Scripting flaw, specifically manifesting as a universal XSS condition that bypassed typical security boundaries. The attack vector involved unspecified methods of exploitation that could be leveraged through various web delivery mechanisms.

The operational impact of CVE-2012-0767 was severe and far-reaching, as it enabled attackers to execute arbitrary code on victim machines without requiring user interaction beyond visiting compromised websites. This made it particularly dangerous for phishing attacks, drive-by downloads, and other social engineering campaigns that could compromise user systems and potentially lead to credential theft, data exfiltration, or further system compromise. The vulnerability's exploitation in the wild demonstrated the capability of attackers to leverage Flash Player's widespread installation base for mass attacks. According to ATT&CK framework, this vulnerability mapped to T1059.007 for Command and Scripting Interpreter: JavaScript and T1566 for Phishing, as it enabled attackers to deliver malicious JavaScript payloads through compromised web content.

The exploitation of this vulnerability highlighted critical gaps in Adobe's security practices and the broader challenges of securing rich internet applications. Organizations faced significant challenges in mitigating this threat due to the widespread deployment of Flash Player across enterprise environments and the difficulty in quickly patching systems. The vulnerability's classification as a universal XSS attack underscored the need for comprehensive security measures beyond traditional perimeter defenses. Security professionals had to implement additional monitoring and detection capabilities to identify exploitation attempts, while organizations needed to accelerate their patch management processes to protect against this and similar vulnerabilities. The incident also emphasized the importance of maintaining updated security intelligence and threat hunting capabilities to identify and respond to zero-day exploits in real-time environments.

Reservation

01/18/2012

Disclosure

02/16/2012

Moderation

accepted

Entry

VDB-60239

CPE

ready

Exploit

Download

EPSS

0.06662

KEV

yes

Activities

very low

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!