CVSS: 9.3EPSS: 2%CPEs: 13EXPL: 0CVE-2017-3099 – flash-plugin: code execution issue fixed in APSB17-21
https://notcve.org/view.php?id=CVE-2017-3099
Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 3 raster data model. Successful exploitation could lead to arbitrary code execution. Las versiones 26.0.0.131 y anteriores de Adobe Flash Player, presentan una vulnerabilidad explotable de corrupción de memoria en el modelo de datos ráster de Action Script 3. Una explotación con éxito conllevaría a la ejecución de código arbitraria. • http://www.securityfocus.com/bid/99520 http://www.securitytracker.com/id/1038845 https://access.redhat.com/errata/RHSA-2017:1731 https://helpx.adobe.com/security/products/flash-player/apsb17-21.html https://security.gentoo.org/glsa/201707-15 https://access.redhat.com/security/cve/CVE-2017-3099 https://bugzilla.redhat.com/show_bug.cgi?id=1469762 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2017-3080 – Adobe Flash BrokerCreateFile Broker Method Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-3080
Adobe Flash Player versions 26.0.0.131 and earlier have a security bypass vulnerability related to the Flash API used by Internet Explorer. Successful exploitation could lead to information disclosure. Las versiones 26.0.0.131 y anteriores de Adobe Flash Player, presentan una vulnerabilidad de omisión de seguridad relacionada con la API Flash utilizada por Internet Explorer. Una explotación con éxito conllevaría a la divulgación de información. This vulnerability allows remote attackers to bypass the Enhanced Protected Mode sandbox of vulnerable installations of Adobe Flash Player and disclose file contents. • http://www.securityfocus.com/bid/99519 http://www.securitytracker.com/id/1038845 https://access.redhat.com/errata/RHSA-2017:1731 https://helpx.adobe.com/security/products/flash-player/apsb17-21.html https://security.gentoo.org/glsa/201707-15 https://access.redhat.com/security/cve/CVE-2017-3080 https://bugzilla.redhat.com/show_bug.cgi?id=1469763 •
CVSS: 6.8EPSS: 0%CPEs: 13EXPL: 0CVE-2017-3100 – Adobe Flash Player BitmapData applyFilter Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-3100
Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 2 BitmapData class. Successful exploitation could lead to memory address disclosure. Las versiones 26.0.0.131 y anteriores de Adobe Flash Player, presentan una vulnerabilidad explotable de corrupción de memoria en la clase BitmapData de Action Script 2. La explotación con éxito conllevaría a la divulgación de direcciones de memoria. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://www.securityfocus.com/bid/99523 http://www.securitytracker.com/id/1038845 https://access.redhat.com/errata/RHSA-2017:1731 https://helpx.adobe.com/security/products/flash-player/apsb17-21.html https://security.gentoo.org/glsa/201707-15 https://access.redhat.com/security/cve/CVE-2017-3100 https://bugzilla.redhat.com/show_bug.cgi?id=1469763 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 33EXPL: 0CVE-2016-0959 – flash-plugin: multiple code execution issues fixed in APSB16-01
https://notcve.org/view.php?id=CVE-2016-0959
Use after free vulnerability in Adobe Flash Player Desktop Runtime before 20.0.0.267, Adobe Flash Player Extended Support Release before 18.0.0.324, Adobe Flash Player for Google Chrome before 20.0.0.267, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 before 20.0.0.267, Adobe Flash Player for Internet Explorer 10 and 11 before 20.0.0.267, Adobe Flash Player for Linux before 11.2.202.559, AIR Desktop Runtime before 20.0.0.233, AIR SDK before 20.0.0.233, AIR SDK & Compiler before 20.0.0.233, AIR for Android before 20.0.0.233. Vulnerabilidad en el uso de memoria después de liberarla en Adobe Flash Player Desktop Runtime anterior a 20.0.0.267, Adobe Flash Player Extended Support Release anterior a 18.0.0.324, Adobe Flash Player para Google Chrome anterior a 20.0.0.267, Adobe Flash Player para Microsoft Edge e Internet Explorer 11 anterior a 20.0.0.267, Adobe Flash Player para Internet Explorer 10 y 11 anterior a 20.0.0.267, Adobe Flas Player para Linux anterior a 11.2.202.559, AIR Desktop Runtime anterior a 20.0.0.233, AIR SDK anterior 20.0.0.233, AIR SDK and Compiler anterior a 20.0.0.233, AIR para Android anterior a 20.0.0.233. • http://rhn.redhat.com/errata/RHSA-2015-2697.html https://bugzilla.redhat.com/show_bug.cgi?id=1294580 https://helpx.adobe.com/security/products/flash-player/apsb16-01.html https://access.redhat.com/security/cve/CVE-2016-0959 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 69%CPEs: 13EXPL: 1CVE-2017-3076 – Adobe Flash - AVC Edge Processing Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2017-3076
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the MPEG-4 AVC module. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Flash Player 25.0.0.171 y anteriores podrían permitir la explotación de corrupción en el módulo MPEG-4 AVC. Una explotación exitosa podría conducir a la ejecución de código arbitrario. Adobe Flash suffers from an avc edge processing out-of-bounds read vulnerability. • https://www.exploit-db.com/exploits/42247 http://www.securityfocus.com/bid/99025 http://www.securitytracker.com/id/1038655 https://access.redhat.com/errata/RHSA-2017:1439 https://helpx.adobe.com/security/products/flash-player/apsb17-17.html https://security.gentoo.org/glsa/201707-15 https://access.redhat.com/security/cve/CVE-2017-3076 https://bugzilla.redhat.com/show_bug.cgi?id=1461146 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •