CVE-2014-0506 – Adobe Flash ExternalInterface Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0506
Use-after-free vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows remote attackers to execute arbitrary code, and possibly bypass an Internet Explorer sandbox protection mechanism, via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. Una vulnerabilidad de uso de la memoria previamente liberada en Adobe Flash Player anteriores a versión 11.7.700.275 y versiones 11.8.x hasta 13.0.x anteriores a 13.0.0.182 en Windows y OS X y anteriores a versión 11.2.202.350 en Linux, Adobe AIR anteriores a versión 13.0.0.83 en Android, Adobe AIR SDK anteriores a versión 13.0.0.83, y Adobe AIR SDK & Compiler anteriores a versión 13.0.0.83, permite a los atacantes remotos ejecutar código arbitrario, y posiblemente omitir un mecanismo de protección del sandbox de Internet Explorer, por medio de vectores no especificados, como es demostrado por VUPEN durante una competencia de Pwn2Own en CanSecWest 2014. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of ExternalInterface. By manipulating a SWF's objects an attacker can force a dangling pointer to be reused after it has been freed. • http://helpx.adobe.com/security/products/flash-player/apsb14-09.html http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00012.html http://lists.opensuse.org/opensuse-updates/2014-04/msg00036.html http://lists.opensuse.org/opensuse-updates/2014-04/msg00050.html http://rhn.redhat.com/errata/RHSA-2014-0380.html http://security.gentoo.org/glsa/glsa-201405-04.xml http://twitter.com/thezdi/statuses/443886338077495296 http://www.pwn2own.com/2014/03/pwn2own-results-for-wednesday-day& • CWE-399: Resource Management Errors •
CVE-2014-0510 – Adobe Flash Display Object Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0510
Heap-based buffer overflow in Adobe Flash Player 12.0.0.77 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Zeguang Zhao and Liang Chen during a Pwn2Own competition at CanSecWest 2014. Desbordamiento de buffer basado en memoria dinámica en Adobe Flash Player 12.0.0.77 permite a atacantes remotos ejecutar código arbitrario y evadir un mecanismo de protección sandbox a través de vectores no especificados, como fue demostrado por Zeguang Zhao y Liang Chen durante una competición Pwn2Own en CanSecWest 2014. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of display objects. The issue lies in modifying an object's parent within a callback. • http://helpx.adobe.com/security/products/flash-player/apsb14-14.html http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00008.html http://rhn.redhat.com/errata/RHSA-2014-0496.html http://security.gentoo.org/glsa/glsa-201406-08.xml http://twitter.com/thezdi/statuses/444262022444621824 http://www.pwn2own.com/2014/03/pwn2own-results-thursday-day-two http://www.securityfocus.com/bid/66241 https://access.redhat.com/security/cve/CVE-2014-0510 https://bugzilla.redhat.com/s • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-416: Use After Free •
CVE-2014-0504 – flash-plugin: exposure of clipboard contents (APSB14-08)
https://notcve.org/view.php?id=CVE-2014-0504
Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows attackers to read the clipboard via unspecified vectors. Adobe Flash Player anterior a 11.7.700.272 y 11.8.x hasta 12.0.x anterior a 12.0.0.77 en Windows y OS X, y anterior a 11.2.202.346 en Linux, permite a atacantes remotos leer el portapapeles a través de vectores no especificados. • http://helpx.adobe.com/security/products/flash-player/apsb14-08.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00014.html http://rhn.redhat.com/errata/RHSA-2014-0289.html http://security.gentoo.org/glsa/glsa-201405-04.xml https://access.redhat.com/security/cve/CVE-2014-0504 https://bugzilla.redhat.com/show_bug.cgi?id=1075252 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2014-0503 – flash-plugin: same origin policy bypass (APSB14-08)
https://notcve.org/view.php?id=CVE-2014-0503
Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. Adobe Flash Player anterior a 11.7.700.272 y 11.8.x hasta 12.0.x anterior a 12.0.0.77 en Windows y OS X, y anterior a 11.2.202.346 en Linux, permite a atacantes remotos evadir Same Origin Policy a través de vectores no especificados. • http://helpx.adobe.com/security/products/flash-player/apsb14-08.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00014.html http://rhn.redhat.com/errata/RHSA-2014-0289.html http://security.gentoo.org/glsa/glsa-201405-04.xml https://access.redhat.com/security/cve/CVE-2014-0503 https://bugzilla.redhat.com/show_bug.cgi?id=1075250 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2014-0498 – Adobe Flash Player RegExp Stack Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0498
Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Mac OS X and before 11.2.202.341 on Linux, Adobe AIR before 4.0.0.1628 on Android, Adobe AIR SDK before 4.0.0.1628, and Adobe AIR SDK & Compiler before 4.0.0.1628 allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de buffer basado en pila en Adobe Flash Player anterior a 11.7.700.269 y 11.8.x hasta 12.0.x anterior a 12.0.0.70 en Windows y Mac OS X y anterior a 11.2.202.341 en Linux, Adobe AIR anterior a 4.0.0.1628 en Android, Adobe AIR SDK anterior a 4.0.0.1628, y Adobe AIR SDK & Compiler anterior a 4.0.0.1628 permite a atacantes ejecutar código arbitrario a través de vectores no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of regular expressions in ActionScript where an expression could overflow a data structure on the stack. An attacker can leverage this vulnerability to execute code under the context of the current process. • http://helpx.adobe.com/security/products/flash-player/apsb14-07.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00017.html http://rhn.redhat.com/errata/RHSA-2014-0196.html http://security.gentoo.org/glsa/glsa-201405-04.xml https://access.redhat.com/security/cve/CVE-2014-0498 https://bugzilla.redhat.com/show_bug.cgi? • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •