Page 130 of 765 results (0.013 seconds)

CVSS: 10.0EPSS: 0%CPEs: 216EXPL: 0

Adobe Flash Player before 11.7.700.232 and 11.8.x before 11.8.800.94 on Windows and Mac OS X, before 11.2.202.297 on Linux, before 11.1.111.64 on Android 2.x and 3.x, and before 11.1.115.69 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Flash Player anterior a 11.7.700.232 y 11.8.x anterior a 11.8.800.94 en Windows y Mac OS X, anterior a 11.2.202.297 en Linux, anterior a 11.1.111.64 en Android 2.x y 3.x,anterior a 11.1.115.69 en Android 4.x, permite a atacantes ejecutar código arbitrario o provocar una denegación de servicio (consumo de memoria) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00021.html http://www.adobe.com/support/security/bulletins/apsb13-17.html https://access.redhat.com/security/cve/CVE-2013-3345 https://bugzilla.redhat.com/show_bug.cgi?id=982749 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 0%CPEs: 33EXPL: 1

Android 1.6 Donut through 4.2 Jelly Bean does not properly check cryptographic signatures for applications, which allows attackers to execute arbitrary code via an application package file (APK) that is modified in a way that does not violate the cryptographic signature, probably involving multiple entries in a Zip file with the same name in which one entry is validated but the other entry is installed, aka Android security bug 8219321 and the "Master Key" vulnerability. Android v1.6 Donut hasta v4.2 Jelly Bean no comprueban de forma adecuada las firmas criptográficas de las aplicaciones, lo que puede permitir que atacantes ejecuten código a través de una ficheros de empaquetado de aplicaciones (APK) que es manipulado de forma que no viole la firma criptográfica, probablemente incluyendo múltiples entradas en un fichero ZIP con el mismo nombre en el cúal una entrada está validada pero la otra es la que se instala, tambíen conocido como error de seguridad 8219321 y vulnerabilidad "Master Key". • https://www.exploit-db.com/exploits/38627 http://bluebox.com/corporate-blog/bluebox-uncovers-android-master-key http://review.cyanogenmod.org/#/c/45251 http://www.osvdb.org/94773 http://www.securityfocus.com/bid/60952 http://www.zdnet.com/google-releases-fix-to-oems-for-blue-security-android-security-hole-7000017782 https://jira.cyanogenmod.org/browse/CYAN-1602 https://plus.google.com/113331808607528811927/posts/GxDA6111vYy • CWE-310: Cryptographic Issues •

CVSS: 4.3EPSS: 0%CPEs: 32EXPL: 0

The Angel Browser application 1.47b and earlier for Android 1.6 through 2.1, 1.62b and earlier for Android 2.2 through 2.3.4, 1.68b and earlier for Android 3.0 through 4.0.3, and 1.76b and earlier for Android 4.1 through 4.2 does not properly implement the WebView class, which allows attackers to obtain sensitive information via a crafted application. La aplicación Angel Browser 1.47b y anteriores para Android 1.6 a 2.1, 1.62b y anteriores para Android 2.2 a 2.3.4, 1.68b y anteriores para Android 3.0 a4.0.3 y 1.76b y anteriores para Android 4.1 a4.2, no implementan adecuadamente la clase WebView lo que permite a atacantes obtener información sensible a través de una aplicación manipulada. • http://jvn.jp/en/jp/JVN79301570/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2013-000055 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 10.0EPSS: 1%CPEs: 23EXPL: 0

Adobe Flash Player before 10.3.183.90 and 11.x before 11.7.700.224 on Windows, before 10.3.183.90 and 11.x before 11.7.700.225 on Mac OS X, before 10.3.183.90 and 11.x before 11.2.202.291 on Linux, before 11.1.111.59 on Android 2.x and 3.x, and before 11.1.115.63 on Android 4.x; Adobe AIR before 3.7.0.2090 on Windows and Android and before 3.7.0.2100 on Mac OS X; and Adobe AIR SDK & Compiler before 3.7.0.2090 on Windows and before 3.7.0.2100 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Flash Player anterior a v10.3.183.90 y v11.x anterior a v11.7.700.224 en Windows, anterior a v10.3.183.90 y v11.x anterior a v11.7.700.225 en Mac OS X, anterior a v10.3.183.90 y v11.x anterior a11.2.202.291 en Linux, anterior a v11.1.111.59 en Android v2.x y v3.x, y anterior a 11.1.115.63 en Android v4.x; Adobe AIR anterior a v3.7.0.2090 en Windows y Android y anterior a v3.7.0.2100 en Mac OS X; y Adobe AIR SDK & Compiler anterior a v3.7.0.2090 en Windows y anterior a v3.7.0.2100 en Mac OS X permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) mediante vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00016.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00164.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00179.html http://rhn.redhat.com/errata/RHSA-2013-0941.html http://www.adobe.com/support/security/bulletins/apsb13-16.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17030 https://access.redhat.com/security/cve/CVE-2013-3343 https://bugzilla.redhat.com/sh • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0

Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. Adobe Flash Player antes de v10.3.183.86 y v11.x antes de v11.7.700.202 para Windows y Mac OS X, antes de v10.3.183.86 y v11.x antes de v11.2.202.285 para Linux, antes de v11.1.111.54 para Android v2.x y v3.x, y antes de v11.1.115.58 para Android v4.x; Adobe AIR before v3.7.0.1860; y Adobe AIR SDK & Compiler antes de v3.7.0.1860 permite a atacantes ejecutar código arbitrario o causar una denegación de servicios (consumo de memoria) a través de vectores sin especificar, una vulnerabilidad diferente a CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, y CVE-2013-3335. • http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00010.html http://rhn.redhat.com/errata/RHSA-2013-0825.html http://secunia.com/advisories/53442 http://www.adobe.com/support/security/bulletins/apsb13-14.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16897 https://access.redhat.com/security&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •