5 results (0.006 seconds)

CVSS: 10.0EPSS: 53%CPEs: 22EXPL: 1

CVE-2015-3113 – Adobe Flash Player Heap-Based Buffer Overflow Vulnerability

https://notcve.org/view.php?id=CVE-2015-3113

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015. Desbordamiento de buffer basado en memoria dinámica en Adobe Flash Player anterior a 13.0.0.296 y 14.x hasta 18.x anterior a 18.0.0.194 en Windows y OS X y anterior a 11.2.202.468 en Linux permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados, tal y como fue utilizado activamente en junio del 2015. Heap-based buffer overflow vulnerability in Adobe Flash Player allows remote attackers to execute code. • https://www.exploit-db.com/exploits/37536 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00002.html http://marc.info/?l=bugtraq&m=144050155601375&w=2 http://rhn.redhat.com/errata/RHSA-2015-1184.html http://www.securityfocus.com/bid/75371 http://www.securitytracker.com/id/1032696 https://bugzilla.redhat.com/show_bug. • CWE-787: Out-of-bounds Write •

CVSS: 10.0EPSS: 4%CPEs: 2EXPL: 0

CVE-2007-6431

https://notcve.org/view.php?id=CVE-2007-6431

Unspecified vulnerability in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to "take control of the affected system" via unspecified vectors, a different issue than CVE-2007-6148 and CVE-2007-6149. Vulnerabilidad no especificada en Adobe Flash Media Server 2 versiones anteriores a 2.0.5, y Connect Enterprise Server 6 versiones anteriores a SP3, permite a atacantes remotos "tomar el control del sistema afectado" a través de vectores no especificados, una cuestión diferente a CVE-2007-6148 y CVE-2007-6149. • http://secunia.com/advisories/28946 http://secunia.com/advisories/28947 http://www.adobe.com/support/security/bulletins/apsb08-03.html http://www.adobe.com/support/security/bulletins/apsb08-04.html http://www.securityfocus.com/bid/27762 http://www.securitytracker.com/id?1019400 http://www.vupen.com/english/advisories/2008/0538/references http://www.vupen.com/english/advisories/2008/0539 https://exchange.xforce.ibmcloud.com/vulnerabilities/40504 •

CVSS: 10.0EPSS: 23%CPEs: 2EXPL: 0

CVE-2007-6148

https://notcve.org/view.php?id=CVE-2007-6148

Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to execute arbitrary code via an unspecified sequence of Real Time Message Protocol (RTMP) requests. Vulnerabilidad de uso después de liberación (use-after-free) en el servidor Edge de Adobe Flash Media Server 2 versiones anteriores a 2.0.5, y Connect Enterprise Server 6 versiones anteriores a SP3, permite a atacantes remotos ejecutar código de su elección a través de una secuencia no especificada de la petición Real Time Message Protocol (RTMP. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=663 http://secunia.com/advisories/28946 http://secunia.com/advisories/28947 http://www.adobe.com/support/security/bulletins/apsb08-03.html http://www.adobe.com/support/security/bulletins/apsb08-04.html http://www.securityfocus.com/bid/27762 http://www.securitytracker.com/id?1019398 http://www.vupen.com/english/advisories/2008/0538/references http://www.vupen.com/english/advisories/2008/0539 • CWE-399: Resource Management Errors •

CVSS: 10.0EPSS: 11%CPEs: 2EXPL: 0

CVE-2007-6149

https://notcve.org/view.php?id=CVE-2007-6149

Multiple integer overflows in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allow remote attackers to execute arbitrary code via a Real Time Message Protocol (RTMP) message with a crafted integer field that is used for allocation. Múltiples desbordamientos de enteros (integers) en Edge server de Adobe Flash Media Server 2 antes de 2.0.5 y Connect Enterprise Server 6 antes de SP3. Permiten a atacantes remotos ejecutar código de su elección a través de un mensaje Real Time Message Protocol (RTMP) con un campo entero manipulado que se usa para reserva de memoria. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=662 http://secunia.com/advisories/28946 http://secunia.com/advisories/28947 http://www.adobe.com/support/security/bulletins/apsb08-03.html http://www.adobe.com/support/security/bulletins/apsb08-04.html http://www.securityfocus.com/bid/27762 http://www.securitytracker.com/id?1019399 http://www.vupen.com/english/advisories/2008/0538/references http://www.vupen.com/english/advisories/2008/0539 https://exchange.xforce • CWE-189: Numeric Errors •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

CVE-2007-4651

https://notcve.org/view.php?id=CVE-2007-4651

Unspecified vulnerability in Adobe Connect Enterprise Server 6 allows remote attackers to read certain pages that are restricted to the administrator via unknown vectors. Vulnerabilidad no especificada en Adobe Connect Enterprise Server 6 permite a atacantes remotos leer determinadas páginas que están restringidas al administrador a través de vectores desconocidos. • http://osvdb.org/38055 http://secunia.com/advisories/26770 http://www.adobe.com/support/security/bulletins/apsb07-14.html http://www.securityfocus.com/bid/25640 http://www.securitytracker.com/id?1018682 http://www.vupen.com/english/advisories/2007/3131 https://exchange.xforce.ibmcloud.com/vulnerabilities/36573 • CWE-264: Permissions, Privileges, and Access Controls •