CVE-2012-5280 – flash-plugin: multiple code-execution flaws (APSB12-24)
https://notcve.org/view.php?id=CVE-2012-5280
Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, and CVE-2012-5277. Desbordamiento de búfer en Adobe Flash Player antes de v10.3.183.43 y v11.x antes de v11.5.502.110 en Windows y Mac OS X, antes de v10.3.183.43 y v11.x antes de v11.2.202.251 en Linux, antes de v11.1.111.24 en Android 2.x y 3.x, y antes de v11.1.115.27 en Android 4.x, Adobe AIR antes de v3.5.0.600, y Adobe AIR SDK antes de v3.5.0.600 permite a los atacantes remotos ejecutar código de su elección a través de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2012-5274, CVE-2012-5275, CVE-2012-5276 y CVE-2012 5277. • http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00030.html http://rhn.redhat.com/errata/RHSA-2012-1431.html http://secunia.com/advisories/51186 http://secunia.com/advisories/51207 http://secunia.com/advisories/51213 http://secunia.com/advisories/51245 htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-5275 – flash-plugin: multiple code-execution flaws (APSB12-24)
https://notcve.org/view.php?id=CVE-2012-5275
Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5276, CVE-2012-5277, and CVE-2012-5280. Desbordamiento de búfer en Adobe Flash Player antes de v10.3.183.43 y v11.x antes de v11.5.502.110 en Windows y Mac OS X, antes de v10.3.183.43 y v11.x antes de v11.2.202.251 en Linux, antes de v11.1.111.24 en Android v2.x y y3.x, y antes de v11.1.115.27 en Android 4.x, Adobe AIR antes de v3.5.0.600, y Adobe AIR SDK antes de v3.5.0.600 permite a los atacantes ejecutar código de su elección a través de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2012-5274, CVE-2012-5276, CVE-2012-5277 y CVE-2012 5280. • http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00030.html http://rhn.redhat.com/errata/RHSA-2012-1431.html http://secunia.com/advisories/51186 http://secunia.com/advisories/51207 http://secunia.com/advisories/51213 http://secunia.com/advisories/51245 htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-5278 – flash-plugin: multiple code-execution flaws (APSB12-24)
https://notcve.org/view.php?id=CVE-2012-5278
Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors. Adobe Flash Player antes de v10.3.183.43 y v11.x antes de v11.5.502.110 en Windows y Mac OS X, antes de v10.3.183.43 y v11.x antes de v11.2.202.251 en Linux, antes de v11.1.111.24 en Android 2.x y 3.x y antes de v11.1.115.27 en Android 4.x, y Adobe AIR antes de v3.5.0.600, y Adobe AIR SDK antes de v3.5.0.600 permiten a los atacantes para eludir restricciones de acceso previstos y ejecutar código arbitrario a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00030.html http://rhn.redhat.com/errata/RHSA-2012-1431.html http://secunia.com/advisories/51186 http://secunia.com/advisories/51207 http://secunia.com/advisories/51213 http://secunia.com/advisories/51245 htt • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2012-5277 – flash-plugin: multiple code-execution flaws (APSB12-24)
https://notcve.org/view.php?id=CVE-2012-5277
Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, and CVE-2012-5280. Desbordamiento de búfer en Adobe Flash Player antes de v10.3.183.43 y v11.x antes de v11.5.502.110 en Windows y Mac OS X, antes de v10.3.183.43 y 11.x antes de v11.2.202.251 en Linux, antes de v11.1.111.24 en Android 2.x y 3.x, y antes de v11.1.115.27 en Android 4.x, Adobe AIR antes de v3.5.0.600, y Adobe AIR SDK antes de v3.5.0.600 permite a los atacantes ejecutar código de su elección a través de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2012-5274, CVE-2012-5275, CVE-2012-5276 y CVE-2012 5280. • http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00030.html http://rhn.redhat.com/errata/RHSA-2012-1431.html http://secunia.com/advisories/51186 http://secunia.com/advisories/51207 http://secunia.com/advisories/51213 http://secunia.com/advisories/51245 htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-3987
https://notcve.org/view.php?id=CVE-2012-3987
Mozilla Firefox before 16.0 on Android assigns chrome privileges to Reader Mode pages, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site. Mozilla Firefox antes de v16.0 en Android asigna privilegios chrome a páginas Reader Mode, lo que permite a atacantes remotos asistidos por el usuario eludir restricciones de acceso destinados a través de un sitio web manipulado. • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00010.html http://osvdb.org/86107 http://secunia.com/advisories/50856 http://www.mozilla.org/security/announce/2012/mfsa2012-78.html https://bugzilla.mozilla.org/show_bug.cgi?id=778582 • CWE-264: Permissions, Privileges, and Access Controls •