CVE-2017-3077 – Adobe Flash - Image Decoding Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2017-3077
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the PNG image parser. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Flash Player 25.0.0.171 y anteriores podrían permitir la explotación de una vulnerabilidad de corrupción de memoria en el parseador de imágenes PNG. Una explotación exitosa podría conducir a la ejecución de código arbitrario. Adobe Flash suffers from an image decoding out-of-bounds read vulnerability. • https://www.exploit-db.com/exploits/42248 http://www.securityfocus.com/bid/99025 http://www.securitytracker.com/id/1038655 https://access.redhat.com/errata/RHSA-2017:1439 https://helpx.adobe.com/security/products/flash-player/apsb17-17.html https://security.gentoo.org/glsa/201707-15 https://access.redhat.com/security/cve/CVE-2017-3077 https://bugzilla.redhat.com/show_bug.cgi?id=1461146 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-3078 – Adobe Flash - ATF Parser Heap Corruption
https://notcve.org/view.php?id=CVE-2017-3078
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the Adobe Texture Format (ATF) module. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Flash Player 25.0.0.171 y anteriores podrían permitir la explotación de una vulnerabilidad de corrupción de memoria en el módulo de Adobe Texture Format (ATF). Una explotación exitosa podría conducir a la ejecución de código arbitrario. Adobe Flash suffers from a heap corruption vulnerability in the ATF parser. • https://www.exploit-db.com/exploits/42249 https://github.com/homjxi0e/CVE-2017-3078 http://www.securityfocus.com/bid/99025 http://www.securitytracker.com/id/1038655 https://access.redhat.com/errata/RHSA-2017:1439 https://helpx.adobe.com/security/products/flash-player/apsb17-17.html https://security.gentoo.org/glsa/201707-15 https://access.redhat.com/security/cve/CVE-2017-3078 https://bugzilla.redhat.com/show_bug.cgi?id=1461146 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-3079 – flash-plugin: multiple code execution issues fixed in APSB17-17
https://notcve.org/view.php?id=CVE-2017-3079
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the internal representation of raster data. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Flash Player 25.0.0.171 y anteriores podrían permitir la explotación de una vulnerabilidad de corrupción de memoria en la representación interna de datos ráster. Una explotación exitosa podría conducir a la ejecución de código arbitrario. • http://www.securityfocus.com/bid/99025 http://www.securitytracker.com/id/1038655 https://access.redhat.com/errata/RHSA-2017:1439 https://helpx.adobe.com/security/products/flash-player/apsb17-17.html https://security.gentoo.org/glsa/201707-15 https://access.redhat.com/security/cve/CVE-2017-3079 https://bugzilla.redhat.com/show_bug.cgi?id=1461146 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-3081 – flash-plugin: multiple code execution issues fixed in APSB17-17
https://notcve.org/view.php?id=CVE-2017-3081
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability during internal computation caused by multiple display object mask manipulations. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Flash Player 25.0.0.171 y anteriores podrían permitir la explotación de una vulnerabilidad de uso después de liberación cuando se realiza computación interna causada por múltiples manipulaciones de máscaras de objetos. Una explotación exitosa podría conducir a la ejecución de código arbitrario. • http://www.securityfocus.com/bid/99023 http://www.securitytracker.com/id/1038655 https://access.redhat.com/errata/RHSA-2017:1439 https://helpx.adobe.com/security/products/flash-player/apsb17-17.html https://security.gentoo.org/glsa/201707-15 https://access.redhat.com/security/cve/CVE-2017-3081 https://bugzilla.redhat.com/show_bug.cgi?id=1461146 • CWE-416: Use After Free •
CVE-2017-3075 – Adobe Flash XML load Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-3075
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability when manipulating the ActionsScript 2 XML class. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Flash Player 25.0.0.171 y anteriores podrían permitir la explotación de una vulnerabilidad de liberación de memoria al manipular la clase XML de ActionScript 2. Una explotación exitosa podría conducir a la ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://www.securityfocus.com/bid/99023 http://www.securitytracker.com/id/1038655 https://access.redhat.com/errata/RHSA-2017:1439 https://helpx.adobe.com/security/products/flash-player/apsb17-17.html https://security.gentoo.org/glsa/201707-15 https://access.redhat.com/security/cve/CVE-2017-3075 https://bugzilla.redhat.com/show_bug.cgi?id=1461146 • CWE-416: Use After Free •