Page 135 of 765 results (0.006 seconds)

CVSS: 10.0EPSS: 32%CPEs: 30EXPL: 0

Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013. Adobe Flash Player v11.6.602.171 en Windows permite a atacantes remotos ejecutar código arbitrario a través de vectores que aprovechan un "desbordamiento", como lo demuestra VUPEN durante un concurso Pwn2Own en CanSecWest 2013. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of RTMP data. The issue lies in the ability to exchange objects, allowing for an object confusion vulnerability. • http://archives.neohapsis.com/archives/bugtraq/2013-04/0197.html http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157 http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00019.html http://lists.opensuse.org/opensuse-updates/2013-04/msg00081.html http://marc.info/?l=bugtraq&m=139455789818399&w=2 http://rhn.redhat.com/errata/RHSA-2013-0730.html http://twitter.com/VUP • CWE-190: Integer Overflow or Wraparound •

CVSS: 10.0EPSS: 1%CPEs: 16EXPL: 0

Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1372, and CVE-2013-1373. Desbordamiento de buffer en Adobe Flash Player v10.3.183.63 y antes de v11.x antes de v11.6.602.168 en Windows, antes de v10.3.183.61 y v11.x antes de v11.6.602.167 en Mac OS X, antes de v10.3.183.61 y v11.x antes de v11.2.202.270 en Linux, antes de v11.1.111.43 en Android v2.x y v3.x, y antes de v11.1.115.47 en Android v4.x, Adobe AIR antes de v3.6.0.597, y Adobe AIR SDK antes de v3.6.0.599 permite a los atacantes ejecutar código a través de vectores sin especificar no especificados, una vulnerabilidad diferente a CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE -2013-1372, y CVE-2013 1373. • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html http://rhn.redhat.com/errata/RHSA-2013-0254.html http://www.adobe.com/support/security/bulletins/apsb13-05.html http://www.us-cert.gov/cas/techalerts/TA13-043A.html https://access.redhat.com/security/cve/CVE-2013-1370 https://bugzilla.redhat.com/show_bug.cgi?id • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 1%CPEs: 16EXPL: 0

Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-0649. Vulnerabilidad después de la liberación en Adobe Flash Player v10.3.183.63 y antes de v11.x antes de v11.6.602.168 en Windows, antes de v10.3.183.61 y v11.x antes de v11.6.602.167 en Mac OS X, antes de v10.3.183.61 y v11.x antes de v11.2.202.270 en Linux, antes de v11.1.111.43 en Android v2.x y v3.x, y antes de v11.1.115.47 en Android v4.x, Adobe AIR antes de v3.6.0.597, y Adobe AIR SDK antes de v3.6.0.599 permite a los atacantes ejecutar código arbitrario a través de vectores sin especificar, una vulnerabilidad diferente a CVE-2013-0644 y CVE-2013-0649. • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html http://rhn.redhat.com/errata/RHSA-2013-0254.html http://www.adobe.com/support/security/bulletins/apsb13-05.html http://www.us-cert.gov/cas/techalerts/TA13-043A.html https://access.redhat.com/security/cve/CVE-2013-1374 https://bugzilla.redhat.com/show_bug.cgi?id • CWE-399: Resource Management Errors •

CVSS: 10.0EPSS: 1%CPEs: 16EXPL: 0

Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, and CVE-2013-1372. Desbordamiento de buffer en Adobe Flash Player v10.3.183.63 y antes de v11.x antes de v11.6.602.168 en Windows, antes de v10.3.183.61 y v11.x antes de v11.6.602.167 en Mac OS X, antes de v10.3.183.61 y v11.x antes de v11.2.202.270 en Linux, antes de v11.1.111.43 en Android v2.x y v3.x, y antes de v11.1.115.47 en Android v4.x, Adobe AIR antes de v3.6.0.597, y Adobe AIR SDK antes de v3.6.0.599 permite a los atacantes ejecutar código arbitrario a través de vectores sin especificar, una vulnerabilidad diferente a CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1370, y CVE-2013-1372. • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html http://rhn.redhat.com/errata/RHSA-2013-0254.html http://www.adobe.com/support/security/bulletins/apsb13-05.html http://www.us-cert.gov/cas/techalerts/TA13-043A.html https://access.redhat.com/security/cve/CVE-2013-1373 https://bugzilla.redhat.com/show_bug.cgi?id • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 1%CPEs: 16EXPL: 0

Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-1374. Vulnerabilidad de uso después de liberación en Adobe Flash Player v10.3.183.63 y antes v11.x antes v11.6.602.168 en Windows, antes v10.3.183.61 y v11.x antes v11.6.602.167 en Mac OS X, antes v10.3.183.61 y v11.x antes v11.2.202.270 en Linux, antes v11.1.111.43 en Android v2.x y v3.x, y antes v11.1.115.47 en Android v4.x; Adobe AIR antes v3.6.0.597, y Adobe AIR SDK antes v3.6.0.599 permite a los atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-2013-0644 y CVE-2013 1374. • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html http://rhn.redhat.com/errata/RHSA-2013-0254.html http://www.adobe.com/support/security/bulletins/apsb13-05.html http://www.us-cert.gov/cas/techalerts/TA13-043A.html https://access.redhat.com/security/cve/CVE-2013-0649 https://bugzilla.redhat.com/show_bug.cgi?id • CWE-399: Resource Management Errors •