Page 163 of 1091 results (0.009 seconds)

CVSS: 9.3EPSS: 25%CPEs: 7EXPL: 0

Unspecified vulnerability in the ExternalInterface ActionScript functionality in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013. Vulnerabilidad sin especificar en la funcionalidad ExternalInterface ActionScript de Adobe Flash Player antes de v10.3.183.67 y v11.x antes de v11.6.602.171 para Windows y Mac OS X, y antes de v10.3.183.67 y v11.x antes de v11.2.202.273 para Linux, que permite a atacantes remotos ejecutar código arbitrario con contenido SWF hecho a mano, como los explotados en febrero de 2013 Adobe Flash Player contains an unspecified vulnerability in the ExternalInterface ActionScript functionality that allows a remote attacker to execute arbitrary code via crafted SWF content. • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html http://rhn.redhat.com/errata/RHSA-2013-0574.html http://www.adobe.com/support/security/bulletins/apsb13-08.html https://access.redhat.com/security/cve/CVE-2013-0648 https://bugzilla.redhat.com/show_bug.cgi?id=915961 •

CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0

Buffer overflow in the broker service in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento del de búfer en el servicio de agente en Adobe Flash Player antes de v10.3.183.67 y v11.x antes de v11.6.602.171 para Windows y Mac OS X, y antes de v10.3.183.67 y v11.x antes de v11.2.202.273 para Linux, que permite ataques de ejecución de código arbitrario usando vectores sin especificar. • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html http://rhn.redhat.com/errata/RHSA-2013-0574.html http://www.adobe.com/support/security/bulletins/apsb13-08.html http://www.securityfocus.com/bid/58184 https://access.redhat.com/security/cve/CVE-2013-0504 https://bugzilla.redhat.com/show_bug.cgi?id=915961 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 25%CPEs: 7EXPL: 0

The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted SWF content, as exploited in the wild in February 2013. El sandbox de Firefox para Adobe Flash Player antes de v10.3.183.67 y v11.x abtes de v11.6.602.171 para Windows y Mac OS X, y antes de v10.3.183.67 y v11.x antes de 11.2.202.273 para Linux, no restringe correctamente los privilegios lo que facilita a atacantes remotos ejecutar código arbitrario por contenidos SWF hechos a mano, como se explotó en febrero de 2013. Adobe Flash Player contains an incorrect default permissions vulnerability in the Firefox sandbox that allows a remote attacker to execute arbitrary code via crafted SWF content. • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00035.html http://rhn.redhat.com/errata/RHSA-2013-0574.html http://www.adobe.com/support/security/bulletins/apsb13-08.html https://access.redhat.com/security/cve/CVE-2013-0643 https://bugzilla.redhat.com/show_bug.cgi?id=915964 • CWE-264: Permissions, Privileges, and Access Controls CWE-269: Improper Privilege Management •

CVSS: 10.0EPSS: 1%CPEs: 16EXPL: 0

Buffer overflow in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE-2013-1372, and CVE-2013-1373. Desbordamiento de buffer en Adobe Flash Player v10.3.183.63 y antes de v11.x antes de v11.6.602.168 en Windows, antes de v10.3.183.61 y v11.x antes de v11.6.602.167 en Mac OS X, antes de v10.3.183.61 y v11.x antes de v11.2.202.270 en Linux, antes de v11.1.111.43 en Android v2.x y v3.x, y antes de v11.1.115.47 en Android v4.x, Adobe AIR antes de v3.6.0.597, y Adobe AIR SDK antes de v3.6.0.599 permite a los atacantes ejecutar código a través de vectores sin especificar no especificados, una vulnerabilidad diferente a CVE-2013-0642, CVE-2013-0645, CVE-2013-1365, CVE-2013-1366, CVE-2013-1367, CVE-2013-1368, CVE-2013-1369, CVE -2013-1372, y CVE-2013 1373. • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html http://rhn.redhat.com/errata/RHSA-2013-0254.html http://www.adobe.com/support/security/bulletins/apsb13-05.html http://www.us-cert.gov/cas/techalerts/TA13-043A.html https://access.redhat.com/security/cve/CVE-2013-1370 https://bugzilla.redhat.com/show_bug.cgi?id • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 1%CPEs: 16EXPL: 0

Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on Android 2.x and 3.x, and before 11.1.115.47 on Android 4.x; Adobe AIR before 3.6.0.597; and Adobe AIR SDK before 3.6.0.599 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0644 and CVE-2013-0649. Vulnerabilidad después de la liberación en Adobe Flash Player v10.3.183.63 y antes de v11.x antes de v11.6.602.168 en Windows, antes de v10.3.183.61 y v11.x antes de v11.6.602.167 en Mac OS X, antes de v10.3.183.61 y v11.x antes de v11.2.202.270 en Linux, antes de v11.1.111.43 en Android v2.x y v3.x, y antes de v11.1.115.47 en Android v4.x, Adobe AIR antes de v3.6.0.597, y Adobe AIR SDK antes de v3.6.0.599 permite a los atacantes ejecutar código arbitrario a través de vectores sin especificar, una vulnerabilidad diferente a CVE-2013-0644 y CVE-2013-0649. • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00011.html http://rhn.redhat.com/errata/RHSA-2013-0254.html http://www.adobe.com/support/security/bulletins/apsb13-05.html http://www.us-cert.gov/cas/techalerts/TA13-043A.html https://access.redhat.com/security/cve/CVE-2013-1374 https://bugzilla.redhat.com/show_bug.cgi?id • CWE-399: Resource Management Errors •