CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2018-14379
https://notcve.org/view.php?id=CVE-2018-14379
MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted MP4 file, because access to the data structure has different expectations about layout as a result of this type confusion. ... Esto permite que atacantes remotos provoquen una denegación de servicio (DoS) (corrupción de memoria) u otro tipo de impacto sin especificar mediante un archivo MP4 manipulado, ya que el acceso a la estructura de datos tiene diferentes expectativas sobre el diseño como resultado de esta confusión de tipos. • http://www.openwall.com/lists/oss-security/2018/07/17/1 https://github.com/enzo1982/mp4v2/releases/tag/v2.1.0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6YCHVOYPIBGM5HYUMQ77KZH2IHSITKVE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FRSO2IMK6P7MOIZWGWKONPIEHKBA7WL3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GISUIWPKBWPXORUFNWBGFTKQS7UUVUC4 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2018-12794 – Adobe Acrobat Pro DC XFA Template Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-12794
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Type Confusion vulnerability. ... Adobe Acrobat y Reader 2018.011.20040 y anteriores, 2017.011.30080 y anteriores y 2015.006.30418 y anteriores, tienen una vulnerabilidad de confusión de tipos. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • http://www.securityfocus.com/bid/104701 http://www.securitytracker.com/id/1041250 https://helpx.adobe.com/security/products/acrobat/apsb18-21.html • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 0CVE-2018-5057 – Adobe Acrobat Pro DC ImageConversion EMF Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-5057
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Type Confusion vulnerability. ... Adobe Acrobat y Reader 2018.011.20040 y anteriores, 2017.011.30080 y anteriores y 2015.006.30418 y anteriores, tienen una vulnerabilidad de confusión de tipos. • http://www.securityfocus.com/bid/104701 http://www.securitytracker.com/id/1041250 https://helpx.adobe.com/security/products/acrobat/apsb18-21.html • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 6.5EPSS: 1%CPEs: 8EXPL: 0CVE-2018-12793 – Adobe Acrobat Pro DC ImageConversion EMF Parsing Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-12793
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Type Confusion vulnerability. ... Adobe Acrobat y Reader 2018.011.20040 y anteriores, 2017.011.30080 y anteriores y 2015.006.30418 y anteriores, tienen una vulnerabilidad de confusión de tipos. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • http://www.securityfocus.com/bid/104701 http://www.securitytracker.com/id/1041250 https://helpx.adobe.com/security/products/acrobat/apsb18-21.html • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 8.8EPSS: 1%CPEs: 16EXPL: 0CVE-2018-5007 – Adobe Flash NetConnection Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-5007
Adobe Flash Player 30.0.0.113 and earlier versions have a Type Confusion vulnerability. ... Adobe Flash Player, en versiones 30.0.0.113 y anteriores, tiene una vulnerabilidad de confusión de tipos. ... The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. • http://www.securityfocus.com/bid/104698 http://www.securitytracker.com/id/1041248 https://access.redhat.com/errata/RHSA-2018:2175 https://helpx.adobe.com/security/products/flash-player/apsb18-24.html https://access.redhat.com/security/cve/CVE-2018-5007 https://bugzilla.redhat.com/show_bug.cgi?id=1599810 • CWE-704: Incorrect Type Conversion or Cast •