CVSS: 5.8EPSS: 0%CPEs: 332EXPL: 0CVE-2013-0751
https://notcve.org/view.php?id=CVE-2013-0751
Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do not restrict a touch event to a single IFRAME element, which allows remote attackers to obtain sensitive information or possibly conduct cross-site scripting (XSS) attacks via a crafted HTML document. Mozilla Firefox anterior a 18.0 en Android y SeaMonkey anterior a 2.15 no restringen los eventos de "tap" (tocar la pantalla) a un único elemento IFRAME, lo que permite a atacantes remotos obtener información sensible o posiblemente llevar a cabo ataques XSS a través de un documento HTML. • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html http://www.mozilla.org/security/announce/2013/mfsa2013-06.html https://bugzilla.mozilla.org/show_bug.cgi?id=790454 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16616 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 1%CPEs: 165EXPL: 0CVE-2012-5286 – flash-plugin: multiple code-execution flaws (APSB12-22)
https://notcve.org/view.php?id=CVE-2012-5286
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. Desbordamiento de búfer en Adobe Flash Player anteriores a v10.3.183.29 y 11.x anteriores a v11.4.402.287 on Windows and Mac OS X, anteriores a v10.3.183.29 y v11.x anteriores a v11.2.202.243 en Linux, anteriores a v11.1.111.19 en Android v2.x y v3.x, y anteriores a v11.1.115.20 en Android v4.x; Adobe AIR anteriores a v3.4.0.2710; y Adobe AIR SDK anteriores a v3.4.0.2710 permite a atacantes ejecutar código a través de vectores no especificados, es una vulnerabilidad distinta a otros listados en APSB12-22. • http://osvdb.org/86875 http://www.adobe.com/support/security/bulletins/apsb12-22.html http://www.securityfocus.com/bid/56375 https://exchange.xforce.ibmcloud.com/vulnerabilities/79771 https://access.redhat.com/security/cve/CVE-2012-5286 https://bugzilla.redhat.com/show_bug.cgi?id=864284 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 165EXPL: 0CVE-2012-5287 – flash-plugin: multiple code-execution flaws (APSB12-22)
https://notcve.org/view.php?id=CVE-2012-5287
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. Desbordamiento de búfer en Adobe Flash Player anteriores a v10.3.183.29 y 11.x anteriores a v11.4.402.287 on Windows and Mac OS X, anteriores a v10.3.183.29 y v11.x anteriores a v11.2.202.243 en Linux, anteriores a v11.1.111.19 en Android v2.x y v3.x, y anteriores a v11.1.115.20 en Android v4.x; Adobe AIR anteriores a v3.4.0.2710; y Adobe AIR SDK anteriores a v3.4.0.2710 permite a atacantes ejecutar código a través de vectores no especificados, es una vulnerabilidad distinta a otros listados en APSB12-22. • http://osvdb.org/86876 http://www.adobe.com/support/security/bulletins/apsb12-22.html http://www.securityfocus.com/bid/56376 https://exchange.xforce.ibmcloud.com/vulnerabilities/79772 https://access.redhat.com/security/cve/CVE-2012-5287 https://bugzilla.redhat.com/show_bug.cgi?id=864284 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 13%CPEs: 161EXPL: 0CVE-2012-5267 – flash-plugin: multiple code-execution flaws (APSB12-22)
https://notcve.org/view.php?id=CVE-2012-5267
Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. Adobe Flash Player antes de v10.3.183.29 y 11.x antes de v11.4.402.287 en Windows and Mac OS X, antes de v10.3.183.29 and 11.x antes de v11.2.202.243 en Linux, antes de v11.1.111.19 en Android 2.x y 3.x, and antes de v11.1.115.20 en Android 4.x; Adobe AIR antes de v3.4.0.2710; y Adobe AIR SDK antes de v3.4.0.2710, permite a los atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a otros CVE diferentes a corrupción de memoria en Flash Player diferente listada como APSB12-22. • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00034.html http://osvdb.org/86044 http://www.adobe.com/support/security/bulletins/apsb12-22.html https://exchange.xforce.ibmcloud.com/vulnerabilities/79088 https://access.redhat.com/security/cve/CVE-2012-5267 https://bugzilla.redhat.com/show_bug.cgi?id=864284 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 161EXPL: 0CVE-2012-5259 – flash-plugin: multiple code-execution flaws (APSB12-22)
https://notcve.org/view.php?id=CVE-2012-5259
Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. Desbordamiento de búfer en Adobe Flash Player antes de v10.3.183.29 y 11.x antes de v11.4.402.287 en Windows and Mac OS X, antes de v10.3.183.29 and 11.x antes de v11.2.202.243 en Linux, antes de v11.1.111.19 en Android 2.x y 3.x, and antes de v11.1.115.20 en Android 4.x; Adobe AIR antes de v3.4.0.2710; y Adobe AIR SDK antes de v3.4.0.2710, permite a los atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a otros CVE de desbordamiento de búfer en Flash Player listada como APSB12-22. • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00034.html http://osvdb.org/86036 http://www.adobe.com/support/security/bulletins/apsb12-22.html https://exchange.xforce.ibmcloud.com/vulnerabilities/79080 https://access.redhat.com/security/cve/CVE-2012-5259 https://bugzilla.redhat.com/show_bug.cgi?id=864284 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •