CVSS: 10.0EPSS: 2%CPEs: 123EXPL: 0CVE-2011-2137 – flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
https://notcve.org/view.php?id=CVE-2011-2137
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2134, CVE-2011-2414, and CVE-2011-2415. Desbordamiento de buffer en Adobe Flash Player en versiones anteriores a la 10.3.183.5 para Windows, Mac OS X, Linux y Solaris y anteriores a 10.3.186.3 en Android, y Adobe AIR anteriores 2.7.1 en Windows y Mac OS X y anteriores a 2.7.1.1961 en Android, permite a atacantes ejecutar código arbitrario a través de vectores sin especificar, una vulnerabilidad distinta a CVE-2011-2130, CVE-2011-2134, CVE-2011-2414 y CVE-2011-2415. • http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00008.html http://secunia.com/advisories/48308 http://www.adobe.com/support/security/bulletins/apsb11-21.html http://www.redhat.com/support/errata/RHSA-2011-1144.html http://www.us-cert.gov/cas/techalerts/TA11-222A.html https://oval.cisecurity.org/repository/search/definition/oval • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 123EXPL: 0CVE-2011-2134 – flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)
https://notcve.org/view.php?id=CVE-2011-2134
Buffer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2130, CVE-2011-2137, CVE-2011-2414, and CVE-2011-2415. Desbordamiento de buffer en Adobe Flash Player en versiones anteriores a la 10.3.183.5 para Windows, Mac OS X, Linux y Solaris y anteriores a 10.3.186.3 en Android, y Adobe AIR anteriores 2.7.1 en Windows y Mac OS X y anteriores a 2.7.1.1961 en Android, permite a atacantes ejecutar código arbitrario a través de vectores sin especificar, una vulnerabilidad distinta a CVE-2011-2130, CVE-2011-2137, CVE-2011-2414, y CVE-2011-2415. • http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00008.html http://secunia.com/advisories/48308 http://www.adobe.com/support/security/bulletins/apsb11-21.html http://www.redhat.com/support/errata/RHSA-2011-1144.html http://www.us-cert.gov/cas/techalerts/TA11-222A.html https://oval.cisecurity.org/repository/search/definition/oval • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 97%CPEs: 97EXPL: 2CVE-2011-2110 – Adobe Flash Player AVM Verification Logic Array Indexing Code Execution
https://notcve.org/view.php?id=CVE-2011-2110
Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011. Adobe Flash Player anterior a v10.3.181.26 en Windows, Mac OS X, Linux, y Solaris, y v10.3.185.23 y anteriores sobre Android, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, como se explotó en Junio 2011. • https://www.exploit-db.com/exploits/19295 http://secunia.com/advisories/44924 http://secunia.com/advisories/44941 http://secunia.com/advisories/44950 http://secunia.com/advisories/44964 http://secunia.com/advisories/48308 http://www.adobe.com/support/security/bulletins/apsb11-18.html http://www.redhat.com/support/errata/RHSA-2011-0869.html http://www.securitytracker.com/id?1025651 http://www.us-cert.gov/cas/techalerts/TA11-166A.html https://exchange.xforce.ibmcloud.com/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 138EXPL: 0CVE-2011-2107 – flash-plugin: Cross-site scripting vulnerability (APSB11-13)
https://notcve.org/view.php?id=CVE-2011-2107
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.181.22 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.22 and earlier on Android, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "universal cross-site scripting vulnerability." Múltiples vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en Adobe Flash Player anteriores a v10.3.181.22 en Windows, Mac OS X, Linux, y Solaris, y v10.3.185.22 y anteriores en Android, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores desconocidos, relacionado con "vulnerabilidad universal de ejecución de comandos en sitios cruzados". • http://googlechromereleases.blogspot.com/2011/06/stable-channel-update.html http://secunia.com/advisories/44846 http://secunia.com/advisories/44847 http://secunia.com/advisories/44871 http://secunia.com/advisories/44872 http://secunia.com/advisories/44946 http://secunia.com/advisories/48308 http://www.adobe.com/support/security/bulletins/apsb11-13.html http://www.blackberry.com/btsc/KB27240 http://www.redhat.com/support/errata/RHSA-2011-0850.html http://www.securityfocus.com/bid&# • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 8%CPEs: 92EXPL: 0CVE-2011-0628 – flash-plugin: crash and potential arbitrary code execution (APSB11-12)
https://notcve.org/view.php?id=CVE-2011-0628
Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows remote attackers to execute arbitrary code via ActionScript that improperly handles a long array object. Desbordamiento de entero en Adobe Flash Player en versiones anteriores a la 10.3.181.14 en Windows, Mac OS X, Linux, y Solaris y anteriores a la 10.3.185.21 en Android permite a atacantes remotos ejecutar código de su elección a través de ActionScript que no maneja apropiadamente un objeto array de gran tamaño. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=908 http://www.adobe.com/support/security/bulletins/apsb11-12.html http://www.securityfocus.com/bid/47961 https://exchange.xforce.ibmcloud.com/vulnerabilities/67638 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13994 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15639 https://access.redhat.com/security/cve/CVE-2011-0628 https://bugzilla.redhat.com/show_ • CWE-189: Numeric Errors •