Page 101 of 615 results (0.006 seconds)

CVSS: 9.3EPSS: 95%CPEs: 5EXPL: 1

Adobe Flash Player 18.x through 18.0.0.252 and 19.x through 19.0.0.207 on Windows and OS X and 11.x through 11.2.202.535 on Linux allows remote attackers to execute arbitrary code via a crafted SWF file, as exploited in the wild in October 2015. Adobe Flash Player 18.x hasta la versión 18.0.0.252 y 19.x hasta la versión 19.0.0.207 en Windows y OS X y 11.x hasta la versión 11.2.202.535 en Linux permite a atacantes remotos ejecutar código arbitrario a través de un archivo SWF manipulado, como se explotó activamente en octubre de 2015. If IExternalizable.writeExternal is overridden with a value that is not a function, Flash assumes it is a function even though it is not one. This leads to execution of a 'method' outside of the ActionScript object's ActionScript vtable, leading to memory corruption. Adobe Flash Player allows remote attackers to execute arbitrary code via a crafted SWF file. • https://www.exploit-db.com/exploits/38490 http://blog.trendmicro.com/trendlabs-security-intelligence/new-adobe-flash-zero-day-used-in-pawn-storm-campaign http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://packetstormsecurity.com/files/134009/Adobe-Flash-I •

CVSS: 10.0EPSS: 2%CPEs: 12EXPL: 0

Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7633, and CVE-2015-7634. Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anteriores a 11.2.202.535 en Linux, Adobe AIR en versiones anteriores a 19.0.0.213, Adobe AIR SDK en versiones anteriores a 19.0.0.213 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.213 permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7633 y CVE-2015-7634. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1893.html http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securityfocus.com/bid/77065 http://www.securitytracker.com/id/1033797 https://hel • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 3%CPEs: 12EXPL: 0

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7629, CVE-2015-7631, and CVE-2015-7643. Vulnerabilidad de uso después de liberación de memoria in Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anteriores a 11.2.202.535 en Linux, Adobe AIR en versiones anteriores a 19.0.0.213, Adobe AIR SDK en versiones anteriores a 19.0.0.213 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.213 permite a atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-7629, CVE-2015-7631 y CVE-2015-7643. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1893.html http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securityfocus.com/bid/77061 http://www.securitytracker.com/id/1033797 https://hel •

CVSS: 5.0EPSS: 1%CPEs: 12EXPL: 0

Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information via unspecified vectors. Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anteriores a 11.2.202.535 en Linux, Adobe AIR en versiones anteriores a 19.0.0.213, Adobe AIR SDK en versiones anteriores a 19.0.0.213 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.213 permite a atacantes remotos eludir la Same Origin Policy y obtener información sensible a través de vectores no especificados. • http://jvn.jp/en/jp/JVN22533124/index.html http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-005234.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1893.html http://rhn.redhat.com/errata/RHSA • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 10.0EPSS: 2%CPEs: 12EXPL: 0

Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7630, and CVE-2015-7634. Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anteriores a 11.2.202.535 en Linux, Adobe AIR en versiones anteriores a 19.0.0.213, Adobe AIR SDK en versiones anteriores a 19.0.0.213 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.213 permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7630 y CVE-2015-7634. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1893.html http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securityfocus.com/bid/77065 http://www.securitytracker.com/id/1033797 https://hel • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •