CVSS: 9.3EPSS: 0%CPEs: 13EXPL: 0CVE-2017-3058 – Adobe Flash ByteArray Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-3058
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable use after free vulnerability in the sound class. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Flash Player 25.0.0.127 y anteriores tienen un uso explotable después de la vulnerabilidad gratuita en la clase de sonido. Una explotación exitosa podría conducir a la ejecución arbitraria de código. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://www.securityfocus.com/bid/97551 http://www.securitytracker.com/id/1038225 http://www.zerodayinitiative.com/advisories/ZDI-17-245 https://access.redhat.com/errata/RHSA-2017:0934 https://helpx.adobe.com/security/products/flash-player/apsb17-10.html https://security.gentoo.org/glsa/201704-04 https://access.redhat.com/security/cve/CVE-2017-3058 https://bugzilla.redhat.com/show_bug.cgi?id=1441308 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 5%CPEs: 13EXPL: 0CVE-2017-3060 – Adobe Flash SWF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-3060
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the ActionScript2 code parser. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Flash Player 25.0.0.127 y anteriores tienen una vulnerabilidad de corrupción de memoria explotable en el analizador de código ActionScript2. Una explotación exitosa podría conducir a la ejecución arbitraria de código. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://www.securityfocus.com/bid/97557 http://www.securitytracker.com/id/1038225 http://www.zerodayinitiative.com/advisories/ZDI-17-247 https://access.redhat.com/errata/RHSA-2017:0934 https://helpx.adobe.com/security/products/flash-player/apsb17-10.html https://security.gentoo.org/glsa/201704-04 https://access.redhat.com/security/cve/CVE-2017-3060 https://bugzilla.redhat.com/show_bug.cgi?id=1441308 • CWE-125: Out-of-bounds Read •
CVSS: 9.3EPSS: 2%CPEs: 13EXPL: 0CVE-2017-2999 – flash-plugin: multiple code execution issues fixed in APSB17-07
https://notcve.org/view.php?id=CVE-2017-2999
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versión 24.0.0.221 y versiones anteriores tienen una vulnerabilidad de corrupción de memoria explotable en la funcionalidad Primetime TVSDK relacionada con alojamiento de la superficie de reproducción. Una explotación exitosa podría resultar en ejecución de código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0526.html http://www.securityfocus.com/bid/96866 http://www.securitytracker.com/id/1037994 https://helpx.adobe.com/security/products/flash-player/apsb17-07.html https://security.gentoo.org/glsa/201703-02 https://access.redhat.com/security/cve/CVE-2017-2999 https://bugzilla.redhat.com/show_bug.cgi?id=1432200 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 1%CPEs: 13EXPL: 0CVE-2017-3003 – flash-plugin: multiple code execution issues fixed in APSB17-07
https://notcve.org/view.php?id=CVE-2017-3003
Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to an interaction between the privacy user interface and the ActionScript 2 Camera object. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versión 24.0.0.221 y versiones anteriores tienen una vulnerabilidad de uso después de liberación de memoria explotable relacionado con una interacción entre la interfaz de privacidad del usuario y el objeto ActionScript 2 Camera. Una explotación exitosa puede resultar en ejecución arbitraria de código.. • http://rhn.redhat.com/errata/RHSA-2017-0526.html http://www.securityfocus.com/bid/96861 http://www.securitytracker.com/id/1037994 https://helpx.adobe.com/security/products/flash-player/apsb17-07.html https://security.gentoo.org/glsa/201703-02 https://access.redhat.com/security/cve/CVE-2017-3003 https://bugzilla.redhat.com/show_bug.cgi?id=1432200 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 1CVE-2017-3000 – flash-plugin: multiple code execution issues fixed in APSB17-07
https://notcve.org/view.php?id=CVE-2017-3000
Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability in the random number generator used for constant blinding. Successful exploitation could lead to information disclosure. Adobe Flash Player versión 24.0.0.221 y versiones anteriores tienen una vulnerabilidad en el generador de números aleatorios utilizado para el cegamiento constante. Una explotación exitosa podría resultar en divulgación de información. • https://github.com/dangokyo/CVE-2017-3000 http://rhn.redhat.com/errata/RHSA-2017-0526.html http://www.securityfocus.com/bid/96862 http://www.securitytracker.com/id/1037994 https://helpx.adobe.com/security/products/flash-player/apsb17-07.html https://security.gentoo.org/glsa/201703-02 https://access.redhat.com/security/cve/CVE-2017-3000 https://bugzilla.redhat.com/show_bug.cgi?id=1432200 •