CVSS: 10.0EPSS: 3%CPEs: 1EXPL: 0CVE-2017-3083 – Adobe Flash Profile Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-3083
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Flash Player 25.0.0.171 y anteriores podrían permitir la explotación de una vulnerabilidad de uso después de liberación en la funcionalidad Primetime SDK relacionada con los metadatos del perfil del flujo del archivo de medios. Una explotación exitosa podría conducir a la ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://www.securityfocus.com/bid/99023 http://www.securitytracker.com/id/1038655 https://access.redhat.com/errata/RHSA-2017:1439 https://helpx.adobe.com/security/products/flash-player/apsb17-17.html https://security.gentoo.org/glsa/201707-15 https://access.redhat.com/security/cve/CVE-2017-3083 https://bugzilla.redhat.com/show_bug.cgi?id=1461146 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 3%CPEs: 13EXPL: 0CVE-2017-3075 – Adobe Flash XML load Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-3075
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability when manipulating the ActionsScript 2 XML class. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Flash Player 25.0.0.171 y anteriores podrían permitir la explotación de una vulnerabilidad de liberación de memoria al manipular la clase XML de ActionScript 2. Una explotación exitosa podría conducir a la ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://www.securityfocus.com/bid/99023 http://www.securitytracker.com/id/1038655 https://access.redhat.com/errata/RHSA-2017:1439 https://helpx.adobe.com/security/products/flash-player/apsb17-17.html https://security.gentoo.org/glsa/201707-15 https://access.redhat.com/security/cve/CVE-2017-3075 https://bugzilla.redhat.com/show_bug.cgi?id=1461146 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 3%CPEs: 13EXPL: 0CVE-2017-3082 – Adobe Flash LocaleID determinePreferredLocales Uninitialized Memory Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-3082
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the LocaleID class. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Flash Player 25.0.0.171 y anteriores podrían permitir la explotación de una vulnerabilidad de corrupción de memoria en la clase LocaleID. Una explotación exitosa podría conducir a la ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://www.securityfocus.com/bid/99025 http://www.securitytracker.com/id/1038655 https://access.redhat.com/errata/RHSA-2017:1439 https://helpx.adobe.com/security/products/flash-player/apsb17-17.html https://security.gentoo.org/glsa/201707-15 https://access.redhat.com/security/cve/CVE-2017-3082 https://bugzilla.redhat.com/show_bug.cgi?id=1461146 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 2%CPEs: 17EXPL: 0CVE-2017-3069 – flash-plugin: multiple code execution issues fixed in APSB17-15
https://notcve.org/view.php?id=CVE-2017-3069
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution. Flash Player versiones 25.0.0.148 y anteriores de Adobe, presenta una vulnerabilidad de corrupción de memoria explotable en la clase BlendMode. Una explotación con éxito podría conllevar a la ejecución de código arbitraria. • http://www.securityfocus.com/bid/98349 http://www.securitytracker.com/id/1038427 https://access.redhat.com/errata/RHSA-2017:1219 https://helpx.adobe.com/security/products/flash-player/apsb17-15.html https://security.gentoo.org/glsa/201705-12 https://access.redhat.com/security/cve/CVE-2017-3069 https://bugzilla.redhat.com/show_bug.cgi?id=1449340 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 2%CPEs: 17EXPL: 0CVE-2017-3074 – flash-plugin: multiple code execution issues fixed in APSB17-15
https://notcve.org/view.php?id=CVE-2017-3074
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution. Flash Player versiones 25.0.0.148 y anteriores de Adobe, presenta una vulnerabilidad de corrupción de memoria explotable en la clase Graphics. Una explotación con éxito podría conllevar a la ejecución de código arbitraria. • http://www.securityfocus.com/bid/98349 http://www.securitytracker.com/id/1038427 https://access.redhat.com/errata/RHSA-2017:1219 https://helpx.adobe.com/security/products/flash-player/apsb17-15.html https://security.gentoo.org/glsa/201705-12 https://access.redhat.com/security/cve/CVE-2017-3074 https://bugzilla.redhat.com/show_bug.cgi?id=1449340 • CWE-787: Out-of-bounds Write •