CVE-2012-0768 – flash-plugin: code execution flaw (APSB12-05)
https://notcve.org/view.php?id=CVE-2012-0768
The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. El componente Matrix3D en Adobe Flash Player anterior a v10.3.183.16 y v11.x anterior a v11.1.102.63 en Windows, Mac OS X, Linux, y Solaris; anteriores a v11.1.111.7 en Android 2.x y 3.x; y anteriores a v11.1.115.7 en Android 4.x permite a atacantes ejecutar código o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00006.html http://secunia.com/advisories/48819 http://security.gentoo.org/glsa/glsa-201204-07.xml http://www.adobe.com/support/security/bulletins/apsb12-05.html http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15058 https: • CWE-399: Resource Management Errors •
CVE-2010-0209 – flash-plugin: multiple security flaws (APSB10-16)
https://notcve.org/view.php?id=CVE-2010-0209
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2213, CVE-2010-2214, and CVE-2010-2216. Adobe Flash Player anterior a v9.0.280 y v10.x anterior a v10.1.82.76, y Adobe AIR anterior a v2.0.3, permite a atacantes ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria) a través de vectores sin especificar. Una vulnerabilidad diferente a CVE-2010-2213, CVE-2010-2214, and CVE-2010-2216. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://marc.info/?l=bugtraq&m=128767780602751&w=2 http://secunia.com/advisories/43026 http://security.gentoo.org/glsa/glsa-201101-09.xml http://support.apple.com/kb/HT4435 http://www.adobe.com/support/security/bulletins/apsb10-16.html http://www.securitytracker.com/id?1024621 http://www.vupen.com/english/advisories/2011/0192 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval& • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2010-2216 – flash-plugin: multiple security flaws (APSB10-16)
https://notcve.org/view.php?id=CVE-2010-2216
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2214. Adobe Flash Player anterior v9.0.280 y v10.x anterior v10.1.82.76, y Adobe AIR anterior v2.0.3, permite a atacantes ejecutar código de su elección o causar una denegación de servicio (caída memoria) a través de vectores no especificados, una vulnerabilidad diferente que CVE-2010-0209, CVE-2010-2213, y CVE-2010-2214. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://marc.info/?l=bugtraq&m=128767780602751&w=2 http://secunia.com/advisories/43026 http://security.gentoo.org/glsa/glsa-201101-09.xml http://support.apple.com/kb/HT4435 http://www.adobe.com/support/security/bulletins/apsb10-16.html http://www.securityfocus.com/bid/42362 http://www.securitytracker.com/id?1024621 http://www.vupen.com/english/advisories/2011/0192 https://oval.cisecurity.org/rep • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2010-2215 – flash-plugin: multiple security flaws (APSB10-16)
https://notcve.org/view.php?id=CVE-2010-2215
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "click-jacking" issue. Adobe Flash Player anterior v9.0.280 y v10.x anterior v10.1.82.76, y Adobe AIR anterior v2.0.3, permite a atacantes engañar a usuarios en (1) la selección de un enlace o (2) completar un diálogo, relacionado con el tema "click-jacking". • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://marc.info/?l=bugtraq&m=128767780602751&w=2 http://secunia.com/advisories/43026 http://security.gentoo.org/glsa/glsa-201101-09.xml http://support.apple.com/kb/HT4435 http://www.adobe.com/support/security/bulletins/apsb10-16.html http://www.securityfocus.com/bid/42361 http://www.securitytracker.com/id?1024621 http://www.vupen.com/english/advisories/2011/0192 https://oval.cisecurity.org/rep •
CVE-2010-2213 – flash-plugin: multiple security flaws (APSB10-16)
https://notcve.org/view.php?id=CVE-2010-2213
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2214, and CVE-2010-2216. Adobe Flash Player anterior v9.0.280 y v10.x anterior v10.1.82.76, y Adobe AIR anterior v2.0.3, permite a atacantes ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente que CVE-2010-0209, CVE-2010-2214, y CVE-2010-2216. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://marc.info/?l=bugtraq&m=128767780602751&w=2 http://secunia.com/advisories/43026 http://security.gentoo.org/glsa/glsa-201101-09.xml http://support.apple.com/kb/HT4435 http://www.adobe.com/support/security/bulletins/apsb10-16.html http://www.securityfocus.com/bid/42364 http://www.securitytracker.com/id?1024621 http://www.vupen.com/english/advisories/2011/0192 https://oval.cisecurity.org/rep • CWE-94: Improper Control of Generation of Code ('Code Injection') •