CVSS: 10.0EPSS: 1%CPEs: 133EXPL: 0CVE-2012-0768 – flash-plugin: code execution flaw (APSB12-05)
https://notcve.org/view.php?id=CVE-2012-0768
The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. El componente Matrix3D en Adobe Flash Player anterior a v10.3.183.16 y v11.x anterior a v11.1.102.63 en Windows, Mac OS X, Linux, y Solaris; anteriores a v11.1.111.7 en Android 2.x y 3.x; y anteriores a v11.1.115.7 en Android 4.x permite a atacantes ejecutar código o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00006.html http://secunia.com/advisories/48819 http://security.gentoo.org/glsa/glsa-201204-07.xml http://www.adobe.com/support/security/bulletins/apsb12-05.html http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15058 https:&#x • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 1%CPEs: 10EXPL: 0CVE-2012-0753 – flash-plugin: multiple code execution flaws (APSB12-03)
https://notcve.org/view.php?id=CVE-2012-0753
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted MP4 data. Adobe Flash Player anterior a v10.3.183.15 y v11.x anterior a v11.1.102.62 en Windows, Mac OS X, Linux, y Solaris; anterior a 11.1.111.6 en Android 2.x y 3.x; y anterior a v11.1.115.6 en Android 4.x permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) mediante paquetes MP4 manipulados • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html http://rhn.redhat.com/errata/RHSA-2012-0144.html http://secunia.com/advisories/48265 http://secunia.com/advisories/48819 http://security.gentoo.org/glsa/glsa-201204-07.xml http://www.adobe.com/support/security/bulletins/apsb12-03.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14795 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15601 h • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 32%CPEs: 10EXPL: 0CVE-2012-0756 – flash-plugin: multiple code execution flaws (APSB12-03)
https://notcve.org/view.php?id=CVE-2012-0756
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2012-0755. Adobe Flash Player anterior a v10.3.183.15 y v11.x anterior a v11.1.102.62 en Windows, Mac OS X, Linux, y Solaris; anterior a v11.1.111.6 en Android 2.x y 3.x; y anterior a v11.1.115.6 en Android 4.x permite a atacantes eludir las restricciones de acceso mediante vectores no especificados, una vulnerabilidad diferente a CVE-2012-0755. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html http://rhn.redhat.com/errata/RHSA-2012-0144.html http://secunia.com/advisories/48265 http://secunia.com/advisories/48819 http://security.gentoo.org/glsa/glsa-201204-07.xml http://www.adobe.com/support/security/bulletins/apsb12-03.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14881 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16149 h •
CVSS: 10.0EPSS: 2%CPEs: 5EXPL: 0CVE-2012-0751
https://notcve.org/view.php?id=CVE-2012-0751
The ActiveX control in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. El control ActiveX de Adobe Flash Player v10.3.183.15 y anterior a v11.1.102.62 11.x en Windows permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html http://secunia.com/advisories/48265 http://www.adobe.com/support/security/bulletins/apsb12-03.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14985 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2012-0767 – Adobe Flash Player Cross-Site Scripting (XSS) Vulnerability
https://notcve.org/view.php?id=CVE-2012-0767
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)," as exploited in the wild in February 2012. Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en Adobe Flash Player antes de v10.3.183.15 y v11.x antes de v11.1.102.62 en Windows, Mac OS X, Linux y Solaris. Antes de v11.1.111.6 en Android v2.x y v3.x; y antes de v11.1.115.6 en Android v4.x permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. Se trata de un problema también conocido como "Universal XSS (UXSS)". Tal y como se explotó en Febrero de 2012. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html http://rhn.redhat.com/errata/RHSA-2012-0144.html http://secunia.com/advisories/48265 http://secunia.com/advisories/48819 http://security.gentoo.org/glsa/glsa-201204-07.xml http://www.adobe.com/support/security/bulletins/apsb12-03.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14806 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15933 h • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •