CVE-2016-9583 – jasper: integer overflows leading to out of bounds read in packet iterators in JPC decoder
https://notcve.org/view.php?id=CVE-2016-9583
An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input. Se ha detectado una vulnerabilidad de lectura de memoria dinámica (heap) fuera de límites en la función jpc_pi_nextpcrl() de jasper en versiones anteriores a la 2.0.6 al procesar entradas manipuladas. • http://www.securityfocus.com/bid/94925 https://access.redhat.com/errata/RHSA-2017:1208 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9583 https://github.com/mdadams/jasper/commit/aa0b0f79ade5eef8b0e7a214c03f5af54b36ba7d https://github.com/mdadams/jasper/commit/f25486c3d4aa472fec79150f2c41ed4333395d3d https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html https://access.redhat.com/security/cve/CVE-2016-9583 https://bugzilla.redhat.com/show_bug.cgi?id=1405148 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVE-2017-3069 – flash-plugin: multiple code execution issues fixed in APSB17-15
https://notcve.org/view.php?id=CVE-2017-3069
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution. Flash Player versiones 25.0.0.148 y anteriores de Adobe, presenta una vulnerabilidad de corrupción de memoria explotable en la clase BlendMode. Una explotación con éxito podría conllevar a la ejecución de código arbitraria. • http://www.securityfocus.com/bid/98349 http://www.securitytracker.com/id/1038427 https://access.redhat.com/errata/RHSA-2017:1219 https://helpx.adobe.com/security/products/flash-player/apsb17-15.html https://security.gentoo.org/glsa/201705-12 https://access.redhat.com/security/cve/CVE-2017-3069 https://bugzilla.redhat.com/show_bug.cgi?id=1449340 • CWE-787: Out-of-bounds Write •
CVE-2017-3074 – flash-plugin: multiple code execution issues fixed in APSB17-15
https://notcve.org/view.php?id=CVE-2017-3074
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution. Flash Player versiones 25.0.0.148 y anteriores de Adobe, presenta una vulnerabilidad de corrupción de memoria explotable en la clase Graphics. Una explotación con éxito podría conllevar a la ejecución de código arbitraria. • http://www.securityfocus.com/bid/98349 http://www.securitytracker.com/id/1038427 https://access.redhat.com/errata/RHSA-2017:1219 https://helpx.adobe.com/security/products/flash-player/apsb17-15.html https://security.gentoo.org/glsa/201705-12 https://access.redhat.com/security/cve/CVE-2017-3074 https://bugzilla.redhat.com/show_bug.cgi?id=1449340 • CWE-787: Out-of-bounds Write •
CVE-2017-3071 – flash-plugin: multiple code execution issues fixed in APSB17-15
https://notcve.org/view.php?id=CVE-2017-3071
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects. Successful exploitation could lead to arbitrary code execution. Flash Player versiones 25.0.0.148 y anteriores de Adobe, presenta una vulnerabilidad de uso de la memoria previamente liberada explotable cuando se enmascaran objetos de visualización. Una explotación con éxito podría conllevar a la ejecución de código arbitraria. • http://www.securityfocus.com/bid/98347 http://www.securitytracker.com/id/1038427 https://access.redhat.com/errata/RHSA-2017:1219 https://helpx.adobe.com/security/products/flash-player/apsb17-15.html https://security.gentoo.org/glsa/201705-12 https://access.redhat.com/security/cve/CVE-2017-3071 https://bugzilla.redhat.com/show_bug.cgi?id=1449340 • CWE-416: Use After Free •
CVE-2017-3068 – Adobe Flash - AVC Deblocking Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2017-3068
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution. Flash Player versiones 25.0.0.148 y anteriores de Adobe, presenta una vulnerabilidad de corrupción de memoria explotable en el motor de Codificación de Vídeo Avanzada. La explotación con éxito podría conllevar a la ejecución de código arbitraria. Adobe Flash suffers from an out-of-bounds read in AVC deblocking. • https://www.exploit-db.com/exploits/42017 http://www.securityfocus.com/bid/98349 http://www.securitytracker.com/id/1038427 https://access.redhat.com/errata/RHSA-2017:1219 https://helpx.adobe.com/security/products/flash-player/apsb17-15.html https://security.gentoo.org/glsa/201705-12 https://access.redhat.com/security/cve/CVE-2017-3068 https://bugzilla.redhat.com/show_bug.cgi?id=1449340 • CWE-787: Out-of-bounds Write •