CVSS: 9.8EPSS: 4%CPEs: 25EXPL: 0CVE-2012-2036 – flash-plugin: multiple code execution flaws (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2036
09 Jun 2012 — Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de entero en Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior a v10.3.183.20 y v11.x a... • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 4%CPEs: 25EXPL: 0CVE-2012-2037 – flash-plugin: multiple code execution flaws (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2037
09 Jun 2012 — Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2034. Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Window... • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 25EXPL: 0CVE-2012-2038 – flash-plugin: information disclosure flaw (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2038
09 Jun 2012 — Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior a v10.3.183.20 y v11.x ant... • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 3%CPEs: 25EXPL: 0CVE-2012-2039 – flash-plugin: multiple code execution flaws (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2039
09 Jun 2012 — Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors. Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior a v10.3.183.20 y... • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 1%CPEs: 21EXPL: 3CVE-2012-1938 – Mozilla: Miscellaneous memory safety hazards (rv:13.0/ rv:10.0.5) (MFSA 2012-34)
https://notcve.org/view.php?id=CVE-2012-1938
05 Jun 2012 — Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components. Múltiples vulnerabilidades no especificadas en el motor del navegador de Mozilla Firef... • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00012.html •
CVSS: 8.8EPSS: 5%CPEs: 17EXPL: 0CVE-2012-0247 – ImageMagick: invalid validation of images denial of service
https://notcve.org/view.php?id=CVE-2012-0247
05 Jun 2012 — ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted offset and count values in the ResolutionUnit tag in the EXIF IFD0 of an image. ImageMagick v6.7.5-7 y anteriores permite a atacantes remotos causar una denegación de servicio (corrupción de memoria) y posiblemente ejecutar código de su elección a través de desplazamientos (offsets) modificados y contar valores en la etiqueta ResolutionUnit en el EXIF IFD0 ... • http://rhn.redhat.com/errata/RHSA-2012-0544.html • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 17EXPL: 0CVE-2012-0248 – ImageMagick: invalid validation of images denial of service
https://notcve.org/view.php?id=CVE-2012-0248
05 Jun 2012 — ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF. ImageMagick v6.7.5-7 y anteriores permite a atacantes remotos causar una denegación de servicio (bucle infinito y bloqueo) a través de una imagen hecha a mano, cuya IFD contiene etiquetas IOP que referencian al principio del IDF. • http://rhn.redhat.com/errata/RHSA-2012-0544.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.5EPSS: 1%CPEs: 17EXPL: 0CVE-2012-0260 – ImageMagick: excessive CPU use DoS by processing JPEG images with crafted restart markers
https://notcve.org/view.php?id=CVE-2012-0260
05 Jun 2012 — The JPEGWarningHandler function in coders/jpeg.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (memory consumption) via a JPEG image with a crafted sequence of restart markers. La función de JPEGWarningHandler en coders/jpeg.c en ImageMagick antes de v6.7.6-3 permite a atacantes remotos causar una denegación de servicio (consumo de memoria) a través de una imagen JPEG con una secuencia de marcadores de reinicio hecha a mano. Aleksis Kauppinen, Joonas Kuorilehto and Tuoma... • http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 1%CPEs: 11EXPL: 0CVE-2012-1798 – ImageMagick: Out-of-bounds buffer read by copying image bytes for TIFF images with crafted TIFF EXIF IFD value
https://notcve.org/view.php?id=CVE-2012-1798
05 Jun 2012 — The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image. La función de TIFFGetEXIFProperties en coders/tiff.c en ImageMagick antes de v6.7.6-3 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de los límites y caída de la aplicación) a través de un IFD EXIF modificado en una imagen TIFF. • http://lists.opensuse.org/opensuse-updates/2012-06/msg00001.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 7%CPEs: 18EXPL: 0CVE-2011-3045 – libpng: buffer overflow in png_inflate caused by invalid type conversions
https://notcve.org/view.php?id=CVE-2011-3045
22 Mar 2012 — Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. El error de signo de entero en pngrutil.c en libpng antes v1.4.10beta01, tal y como se utiliza en Google Chrome antes de v17.0.963.83 y otros productos, permite a atacantes... • http://code.google.com/p/chromium/issues/detail?id=116162 • CWE-190: Integer Overflow or Wraparound •