Page 159 of 909 results (0.316 seconds)

CVSS: 8.8EPSS: 2%CPEs: 17EXPL: 0

CVE-2016-4223 – Adobe Flash AdTimelineItem Type Confusion Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2016-4223

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2016-4224 and CVE-2016-4225. Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versión 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar un código arbitrario aprovechando una "type confusion" no especificada, una vulnerabilidad diferente a CVE-2016-4224 y CVE-2016-4225. ... By performing actions in ActionScript an attacker can trigger a type confusion condition. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html http://www.securityfocus.com/bid/91718 http://www.securitytracker.com/id/1036280 http://www.zerodayinitiative.com/advisories/ZDI-16-424 https://access.redhat.com/errata/RHSA-2016:1423 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 https://helpx.adobe.com/security/products/flash-player/apsb16-25.html https:/&#x • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 8.8EPSS: 2%CPEs: 17EXPL: 0

CVE-2016-4225 – Adobe Flash AdBreakPlacement Type Confusion Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2016-4225

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2016-4223 and CVE-2016-4224. Adobe Flash Player en versiones anteriores a 18.0.0.366 y 19.x hasta la versión 22.x en versiones anteriores a 22.0.0.209 en Windows y OS X y en versiones anteriores a 11.2.202.632 en Linux permite a atacantes ejecutar un código arbitrario aprovechando una "type confusion" no especificada, una vulnerabilidad diferente a CVE-2016-4223 y CVE-2016-4224. ... By performing actions in ActionScript an attacker can trigger a type confusion condition. • http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html http://www.securityfocus.com/bid/91718 http://www.securitytracker.com/id/1036280 http://www.zerodayinitiative.com/advisories/ZDI-16-427 https://access.redhat.com/errata/RHSA-2016:1423 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-093 https://helpx.adobe.com/security/products/flash-player/apsb16-25.html https:/&#x • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 9.8EPSS: 3%CPEs: 6EXPL: 1

CVE-2016-5770 – php: Int/size_t confusion in SplFileObject::fread

https://notcve.org/view.php?id=CVE-2016-5770

A type confusion issue was found in the SPLFileObject fread() function. • http://github.com/php/php-src/commit/7245bff300d3fa8bacbef7897ff080a6f1c23eba?w=1 http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html http://php.net/ChangeLog-5.php http://rhn.redhat.com/errata/RHSA-2016-2750.html http://www.debian.org/security/2016/dsa-3618 http://www.openwall.com/lists/oss-security/2016/06/23/4 http: • CWE-190: Integer Overflow or Wraparound CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 9.3EPSS: 1%CPEs: 29EXPL: 0

CVE-2016-4149 – flash-plugin: multiple code execution issues fixed in APSB16-18

https://notcve.org/view.php?id=CVE-2016-4149

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos, una vulnerabiliad diferente a otras CVEs listadas en MS16-083. • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00038.html http://www.securitytracker.com/id/1036117 https://access.redhat.com/errata/RHSA-2016:1238 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-083 https://helpx.adobe.com/security/products/flash-player/apsb16-18.html https://access.redhat.com/security • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 9.3EPSS: 92%CPEs: 3EXPL: 3

CVE-2016-0199 – Microsoft Internet Explorer 11 - Garbage Collector Attribute Type Confusion (MS16-063)

https://notcve.org/view.php?id=CVE-2016-0199

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0200 and CVE-2016-3211. Microsoft Internet Explorer 9 hasta la versión 11 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un sitio web manipulado, también conocida como "Internet Explorer Memory Corruption Vulnerability", una vulnerabilidad diferente a CVE-2016-0200 y CVE-2016-3211. With MS16-063, Microsoft has patched CVE-2016-0199 which relates to a memory corruption bug in the garbage collector of the JavaScript engine used in Internet Explorer 11. • https://www.exploit-db.com/exploits/39994 https://github.com/LeoonZHANG/CVE-2016-0199 http://packetstormsecurity.com/files/137533/Microsoft-Internet-Explorer-11-Garbage-Collector-Attribute-Type-Confusion.html http://seclists.org/fulldisclosure/2016/Jun/44 http://www.securityfocus.com/archive/1/538706/100/0/threaded http://www.securitytracker.com/id/1036096 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-063 https://www.verisign.com/en_US/security-services/security • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •