CVE-2013-0790
https://notcve.org/view.php?id=CVE-2013-0790
Unspecified vulnerability in the browser engine in Mozilla Firefox before 20.0 on Android allows remote attackers to cause a denial of service (stack memory corruption and application crash) or possibly execute arbitrary code via unknown vectors involving a plug-in. Vulnerabilidad no especificada en el motor del navegador de Mozilla Firefox anterior a v20.0 en Android permite a atacantes remotos causar una denegación de servicios (corrupción de pila de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores sin especificar que implica un complemento. • http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00013.html http://www.mozilla.org/security/announce/2013/mfsa2013-30.html https://bugzilla.mozilla.org/show_bug.cgi?id=842687 •
CVE-2013-1375 – flash-plugin: multiple code execution flaws (APSB13-09)
https://notcve.org/view.php?id=CVE-2013-1375
Heap-based buffer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer basado en la pila en Adobe Flash Player v10.3.183.68 y antes v11.x antes v11.6.602.180 en Windows y Mac OS X, antes v10.3.183.68 y v11.x antes v11.2.202.275 en Linux, antes v11.1.111.44 en Android v2.x v3.x, y antes de v11.1.115.48 en Android v4.x, Adobe AIR v3.6.0.6090 antes; Adobe AIR SDK antes de v3.6.0.6090, y Adobe AIR SDK Compiler antes de v3.6.0.6090 que permite a los atacantes ejecutar código arbitrario a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00021.html http://marc.info/?l=bugtraq&m=139455789818399&w=2 http://rhn.redhat.com/errata/RHSA-2013-0643.html http://www.adobe.com/support/security/bulletins/apsb13-09.html https://access.redhat.com/security/cve/CVE-2013-1375 https://bugzilla.redhat.com/show_bug.cgi?id= • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-1371 – flash-plugin: multiple code execution flaws (APSB13-09)
https://notcve.org/view.php?id=CVE-2013-1371
Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Flash Player v10.3.183.68 y v11.x antes de v11.6.602.180 en Windows y Mac OS X, antes de v10.3.183.68 y v11.x antes de v11.2.202.275 en Linux, antes de v11.1.111.44 en Android v2.x y v3.x y antes de v11.1.115.48 en Android 4.x, Adobe AIR v3.6.0.6090 antes; Adobe AIR SDK antes de v3.6.0.6090, y Adobe AIR SDK Compiler antes de v3.6.0.6090 que permiten a un atacante ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00021.html http://marc.info/?l=bugtraq&m=139455789818399&w=2 http://rhn.redhat.com/errata/RHSA-2013-0643.html http://www.adobe.com/support/security/bulletins/apsb13-09.html https://access.redhat.com/security/cve/CVE-2013-1371 https://bugzilla.redhat.com/show_bug.cgi?id= • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-0646 – flash-plugin: multiple code execution flaws (APSB13-09)
https://notcve.org/view.php?id=CVE-2013-0646
Integer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de entero en Adobe Flash Player anterior a v10.3.183.68 y v11.x before 11.6.602.180 en Windows y Mac OS X, anterior a v10.3.183.68 y v11.x anterior a v11.2.202.275 en Linux, anterior a v11.1.111.44 en Android v2.x yv 3.x, y anterior a v11.1.115.48 en Android v4.x; Adobe AIR anterior a v3.6.0.6090; Adobe AIR SDK anterior a v3.6.0.6090; y Adobe AIR SDK & Compiler anterior a v3.6.0.6090, permite a atacantes ejecutar código de su elección a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00021.html http://marc.info/?l=bugtraq&m=139455789818399&w=2 http://rhn.redhat.com/errata/RHSA-2013-0643.html http://www.adobe.com/support/security/bulletins/apsb13-09.html https://access.redhat.com/security/cve/CVE-2013-0646 https://bugzilla.redhat.com/show_bug.cgi?id= • CWE-189: Numeric Errors •
CVE-2013-0650 – flash-plugin: multiple code execution flaws (APSB13-09)
https://notcve.org/view.php?id=CVE-2013-0650
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors. Vulnerabilidad Use-after-free en Adobe Flash Player antes de v10.3.183.68 y v11.x antes v11.6.602.180 en Windows y Mac OS X, antes de v10.3.183.68 y v11.x antes de v11.2.202.275 en Linux, antes de v11.1.111.44 en Android v2.x y v3.x, y antes de v11.1.115.48 en Android v4.x, Adobe AIR antes de v3.6.0.6090; Adobe AIR SDK antes de v3.6.0.6090, y Adobe AIR SDK Compiler antes de v3.6.0.6090 permite a los atacantes ejecutar código arbitrario a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00021.html http://marc.info/?l=bugtraq&m=139455789818399&w=2 http://rhn.redhat.com/errata/RHSA-2013-0643.html http://www.adobe.com/support/security/bulletins/apsb13-09.html https://access.redhat.com/security/cve/CVE-2013-0650 https://bugzilla.redhat.com/show_bug.cgi?id= • CWE-399: Resource Management Errors •