CVE-2017-3061 – Adobe Flash - Margin Handling Heap Corruption
https://notcve.org/view.php?id=CVE-2017-3061
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Flash Player 25.0.0.127 y anteriores tienen una vulnerabilidad de corrupción de memoria explotable en el analizador SWF. Una explotación exitosa podría conducir a la ejecución arbitraria de código. Adobe Flash suffers from a heap corruption vulnerability in the margin handling. • https://www.exploit-db.com/exploits/42018 http://www.securityfocus.com/bid/97557 http://www.securitytracker.com/id/1038225 https://access.redhat.com/errata/RHSA-2017:0934 https://helpx.adobe.com/security/products/flash-player/apsb17-10.html https://security.gentoo.org/glsa/201704-04 https://access.redhat.com/security/cve/CVE-2017-3061 https://bugzilla.redhat.com/show_bug.cgi?id=1441308 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-3063 – Adobe Flash NetStream Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-3063
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the ActionScript2 NetStream class. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Flash Player 25.0.0.127 y anteriores tienen un uso explotable después de la vulnerabilidad gratuita en la clase ActionScript2 NetStream. Una explotación exitosa podría conducir a la ejecución arbitraria de código. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://www.securityfocus.com/bid/97551 http://www.securitytracker.com/id/1038225 http://www.zerodayinitiative.com/advisories/ZDI-17-279 https://access.redhat.com/errata/RHSA-2017:0934 https://helpx.adobe.com/security/products/flash-player/apsb17-10.html https://security.gentoo.org/glsa/201704-04 https://access.redhat.com/security/cve/CVE-2017-3063 https://bugzilla.redhat.com/show_bug.cgi?id=1441308 • CWE-416: Use After Free •
CVE-2017-3064 – Adobe Flash - Out-of-Bounds Read in Getting TextField Width
https://notcve.org/view.php?id=CVE-2017-3064
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability when parsing a shape outline. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Flash Player 25.0.0.127 y anteriores tienen una vulnerabilidad de corrupción de memoria explotable al analizar un contorno de forma. Una explotación exitosa podría conducir a la ejecución arbitraria de código. Adobe Flash suffers from an out-of-bounds read vulnerability in getting TextField width. • https://www.exploit-db.com/exploits/42019 http://www.securityfocus.com/bid/97557 http://www.securitytracker.com/id/1038225 https://access.redhat.com/errata/RHSA-2017:0934 https://helpx.adobe.com/security/products/flash-player/apsb17-10.html https://security.gentoo.org/glsa/201704-04 https://access.redhat.com/security/cve/CVE-2017-3064 https://bugzilla.redhat.com/show_bug.cgi?id=1441308 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-3058 – Adobe Flash ByteArray Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-3058
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the sound class. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Flash Player 25.0.0.127 y anteriores tienen un uso explotable después de la vulnerabilidad gratuita en la clase de sonido. Una explotación exitosa podría conducir a la ejecución arbitraria de código. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://www.securityfocus.com/bid/97551 http://www.securitytracker.com/id/1038225 http://www.zerodayinitiative.com/advisories/ZDI-17-245 https://access.redhat.com/errata/RHSA-2017:0934 https://helpx.adobe.com/security/products/flash-player/apsb17-10.html https://security.gentoo.org/glsa/201704-04 https://access.redhat.com/security/cve/CVE-2017-3058 https://bugzilla.redhat.com/show_bug.cgi?id=1441308 • CWE-416: Use After Free •
CVE-2017-3059 – Adobe Flash AS2 New Opcode Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-3059
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the internal script object. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Flash Player 25.0.0.127 y anteriores tienen un uso explotable después de la vulnerabilidad gratuita en el objeto de secuencia de comandos interno. Una explotación exitosa podría conducir a la ejecución arbitraria de código. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://www.securityfocus.com/bid/97551 http://www.securitytracker.com/id/1038225 http://www.zerodayinitiative.com/advisories/ZDI-17-246 https://access.redhat.com/errata/RHSA-2017:0934 https://helpx.adobe.com/security/products/flash-player/apsb17-10.html https://security.gentoo.org/glsa/201704-04 https://access.redhat.com/security/cve/CVE-2017-3059 https://bugzilla.redhat.com/show_bug.cgi?id=1441308 • CWE-416: Use After Free •