Page 138 of 758 results (0.010 seconds)

CVSS: 9.3EPSS: 4%CPEs: 12EXPL: 1

CVE-2013-0633 – Adobe Flash Player - Regular Expression Heap Overflow

https://notcve.org/view.php?id=CVE-2013-0633

Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013. Desbordamiento de búfer en Adobe Flash Player antes de v10.3.183.51 y v11.x antes de v11.5.502.149 en Windows y Mac OS X, antes de v10.3.183.51 y v11.x antes de v11.2.202.262 en Linux, antes de v11.1.111.32 en Android v2.x y v3.x, y antes de v11.1.115.37 en Android v4.x permite a atacantes remotos ejecutar código arbitrario a través de contenido SWF preparado para este propósito, como fueron explotados en libremente en Febrero de 2013. • https://www.exploit-db.com/exploits/32959 http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00007.html http://rhn.redhat.com/errata/RHSA-2013-0243.html http://www.adobe.com/support/security/bulletins/apsb13-04.html https://access.redhat.com/security/cve/CVE-2013-0633 https://bugzilla.redhat.com/show_bug.cgi?id=908999 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.1EPSS: 0%CPEs: 17EXPL: 1

CVE-2011-1350 – Google Android 2.3.5 - PowerVR SGX Driver Information Disclosure

https://notcve.org/view.php?id=CVE-2011-1350

The PowerVR SGX driver in Android before 2.3.6 allows attackers to obtain potentially sensitive information from kernel stack memory via an application that uses a crafted length parameter in a request to the pvrsrvkm device. El controlador PowerVR SGX en Android antes de v2.3.6 permite a atacantes obtener la información potencialmente confidencial de la memoria de pila del núcleo a través de una aplicación que utiliza un parámetro de longitud diseñado en una solicitud al dispositivo pvrsrvkm. • https://www.exploit-db.com/exploits/38310 http://code.google.com/p/android/issues/detail?id=21522 http://jon.oberheide.org/files/levitator.c • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.9EPSS: 0%CPEs: 17EXPL: 1

CVE-2011-1352

https://notcve.org/view.php?id=CVE-2011-1352

The PowerVR SGX driver in Android before 2.3.6 allows attackers to gain root privileges via an application that triggers kernel memory corruption using crafted user data to the pvrsrvkm device. El controlador PowerVR SGX en Android antes de v2.3.6 permite a atacantes obtener privilegios de administrador a través de una aplicación que provoca corrupción de memoria del núcleo a partir de datos elaborados del usuario al dispositivo pvrsrvkm. • http://code.google.com/p/android/issues/detail?id=21523 http://jon.oberheide.org/files/levitator.c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.8EPSS: 0%CPEs: 332EXPL: 0

CVE-2013-0751

https://notcve.org/view.php?id=CVE-2013-0751

Mozilla Firefox before 18.0 on Android and SeaMonkey before 2.15 do not restrict a touch event to a single IFRAME element, which allows remote attackers to obtain sensitive information or possibly conduct cross-site scripting (XSS) attacks via a crafted HTML document. Mozilla Firefox anterior a 18.0 en Android y SeaMonkey anterior a 2.15 no restringen los eventos de "tap" (tocar la pantalla) a un único elemento IFRAME, lo que permite a atacantes remotos obtener información sensible o posiblemente llevar a cabo ataques XSS a través de un documento HTML. • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00017.html http://www.mozilla.org/security/announce/2013/mfsa2013-06.html https://bugzilla.mozilla.org/show_bug.cgi?id=790454 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16616 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 1%CPEs: 95EXPL: 0

CVE-2013-0630 – flash-plugin: buffer overflow flaw that can lead to arbitrary code execution (APSB13-01)

https://notcve.org/view.php?id=CVE-2013-0630

Buffer overflow in Adobe Flash Player before 10.3.183.50 and 11.x before 11.5.502.146 on Windows and Mac OS X, before 10.3.183.50 and 11.x before 11.2.202.261 on Linux, before 11.1.111.31 on Android 2.x and 3.x, and before 11.1.115.36 on Android 4.x; Adobe AIR before 3.5.0.1060; and Adobe AIR SDK before 3.5.0.1060 allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer en Adobe Flash Player anteriores a v10.3.183.50 y 11.x anteriores a v11.5.502.146 en Windows y Mac OS X, anteriores a v10.3.183.50 y 11.x anteriores a v11.2.202.261 en Linux, anteriores a v11.1.111.31 en Android 2.x y 3.x, y anteriores a v11.1.115.36 en Android 4.x; Adobe AIR anteriores a v3.5.0.1060; y Adobe AIR SDK anteriores a v3.5.0.1060 permite a atacantes remotos a ejecutar código a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00003.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00012.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00019.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00059.html http://lists.opensuse.org/opensuse-updates/2013-02/msg00084.html http://rhn.redhat.com/errata/RHSA-2013-0149.html http://www.adobe.com/support/security/bulletins/apsb13-01.html https://access.redhat.com/security/cve/CVE • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •