Page 123 of 1105 results (0.023 seconds)

CVSS: 10.0EPSS: 53%CPEs: 22EXPL: 1

CVE-2015-3113 – Adobe Flash Player Heap-Based Buffer Overflow Vulnerability

https://notcve.org/view.php?id=CVE-2015-3113

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015. Desbordamiento de buffer basado en memoria dinámica en Adobe Flash Player anterior a 13.0.0.296 y 14.x hasta 18.x anterior a 18.0.0.194 en Windows y OS X y anterior a 11.2.202.468 en Linux permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados, tal y como fue utilizado activamente en junio del 2015. Heap-based buffer overflow vulnerability in Adobe Flash Player allows remote attackers to execute code. • https://www.exploit-db.com/exploits/37536 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00002.html http://marc.info/?l=bugtraq&m=144050155601375&w=2 http://rhn.redhat.com/errata/RHSA-2015-1184.html http://www.securityfocus.com/bid/75371 http://www.securitytracker.com/id/1032696 https://bugzilla.redhat.com/show_bug. • CWE-787: Out-of-bounds Write •

CVSS: 10.0EPSS: 97%CPEs: 29EXPL: 1

CVE-2015-3105 – Adobe Flash Player - Drawing Fill Shader Memory Corruption

https://notcve.org/view.php?id=CVE-2015-3105

Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Flash Player anterior a 13.0.0.292 y 14.x hasta 18.x anterior a 18.0.0.160 en Windows y OS X y anterior a 11.2.202.466 en Linux, Adobe AIR anterior a 18.0.0.144 en Windows y anterior a 18.0.0.143 en OS X y Android, Adobe AIR SDK anterior a 18.0.0.144 en Windows y anterior a 18.0.0.143 en OS X, y Adobe AIR SDK & Compiler anterior a 18.0.0.144 en Windows y anterior a 18.0.0.143 en OS X permiten a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • https://www.exploit-db.com/exploits/37448 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00011.html http://rhn.redhat.com/errata/RHSA-2015-1086.html http://www.securityfocus.com/bid/75086 http://www.securitytracker.com/id/1032519 https://helpx.adobe.com/security/products/flash-player/apsb15-11.html https://security.gentoo • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 1%CPEs: 29EXPL: 0

CVE-2015-3103 – flash-plugin: multiple code execution issues fixed in APSB15-11

https://notcve.org/view.php?id=CVE-2015-3103

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3106 and CVE-2015-3107. Vulnerabilidad de uso después de liberación en Adobe Flash Player anterior a 13.0.0.292 y 14.x hasta 18.x anterior a 18.0.0.160 en Windows y OS X y anterior a 11.2.202.466 en Linux, Adobe AIR anterior a 18.0.0.144 en Windows y anterior a 18.0.0.143 en OS X y Android, Adobe AIR SDK anterior a 18.0.0.144 en Windows y anterior a 18.0.0.143 en OS X, y Adobe AIR SDK & Compiler anterior a 18.0.0.144 en Windows y anterior a 18.0.0.143 en OS X permite a atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-3106 y CVE-2015-3107. • http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00011.html http://rhn.redhat.com/errata/RHSA-2015-1086.html http://www.securityfocus.com/bid/75087 http://www.securitytracker.com/id/1032519 https://helpx.adobe.com/security/products/flash-player/apsb15-11.html https://security.gentoo.org/glsa/201506-01 https://access.redhat. •

CVSS: 10.0EPSS: 20%CPEs: 29EXPL: 0

CVE-2015-3100 – flash-plugin: multiple code execution issues fixed in APSB15-11

https://notcve.org/view.php?id=CVE-2015-3100

Stack-based buffer overflow in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de buffer basado en pila en Adobe Flash Player anterior a 13.0.0.292 y 14.x hasta 18.x anterior a 18.0.0.160 en Windows y OS X y anterior a 11.2.202.466 en Linux, Adobe AIR anterior a 18.0.0.144 en Windows y anterior a 18.0.0.143 en OS X y Android, Adobe AIR SDK anterior a 18.0.0.144 en Windows y anterior a 18.0.0.143 en OS X, y Adobe AIR SDK & Compiler anterior a 18.0.0.144 en Windows y anterior a 18.0.0.143 en OS X permite a atacantes ejecutar código arbitrario a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00011.html http://rhn.redhat.com/errata/RHSA-2015-1086.html http://www.securityfocus.com/bid/75085 http://www.securitytracker.com/id/1032519 https://helpx.adobe.com/security/products/flash-player/apsb15-11.html https://security.gentoo.org/glsa/201506-01 https://access.redhat. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 0%CPEs: 29EXPL: 0

CVE-2015-3099 – flash-plugin: same-origin-policy bypass fixed in APSB15-11

https://notcve.org/view.php?id=CVE-2015-3099

Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors, a different vulnerability than CVE-2015-3098 and CVE-2015-3102. Adobe Flash Player anterior a 13.0.0.292 y 14.x hasta 18.x anterior a 18.0.0.160 en Windows y OS X y anterior a 11.2.202.466 en Linux, Adobe AIR anterior a 18.0.0.144 en Windows y anterior a 18.0.0.143 en OS X y Android, Adobe AIR SDK anterior a 18.0.0.144 en Windows y anterior a 18.0.0.143 en OS X, y Adobe AIR SDK & Compiler anterior a 18.0.0.144 en Windows y anterior a 18.0.0.143 en OS X permiten a atacantes remotos evadir Same Origin Policy a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-3098 y CVE-2015-3102. • http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00011.html http://rhn.redhat.com/errata/RHSA-2015-1086.html http://www.securityfocus.com/bid/75080 http://www.securitytracker.com/id/1032519 https://helpx.adobe.com/security/products/flash-player/apsb15-11.html https://security.gentoo.org/glsa/201506-01 https://access.redhat. • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •