CVSS: 10.0EPSS: 2%CPEs: 14EXPL: 0CVE-2012-4165 – flash-plugin: multiple code execution flaws (APSB12-19)
https://notcve.org/view.php?id=CVE-2012-4165
Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4163 and CVE-2012-4164. Adobe Flash Player anterior a v11.4.402.265 en Windows y Mac OS X, anterior a v11.2.202.238 en Linux, anterior a v11.1.111.16 en Android v2.x y v3.x, y anterior a v11.1.115.17 en Android v4.x; Adobe AIR anterior a v3.4.0.2540; y Adobe AIR SDK anterior a v3.4.0.2540 permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente que CVE-2012-4163, CVE-2012-4164, y CVE-2012-4166. • http://marc.info/?l=bugtraq&m=139455789818399&w=2 http://rhn.redhat.com/errata/RHSA-2012-1203.html http://security.gentoo.org/glsa/glsa-201209-01.xml http://www.adobe.com/support/security/bulletins/apsb12-19.html https://access.redhat.com/security/cve/CVE-2012-4165 https://bugzilla.redhat.com/show_bug.cgi?id=850528 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 14EXPL: 0CVE-2012-4167 – flash-plugin: multiple code execution flaws (APSB12-19)
https://notcve.org/view.php?id=CVE-2012-4167
Integer overflow in Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de entero en Adobe Flash Player anterior a v11.4.402.265 en Windows y Mac OS X, anterior a v11.2.202.238 en Linux, anterior a v11.1.111.16 en Android v2.x y v3.x, y anterior a v11.1.115.17 en Android v4.x; Adobe AIR anterior a v3.4.0.2540; y Adobe AIR SDK anterior a v3.4.0.2540 permite a atacantes ejecutar código arbitrario a través de vectores no especificados. • http://marc.info/?l=bugtraq&m=139455789818399&w=2 http://rhn.redhat.com/errata/RHSA-2012-1203.html http://security.gentoo.org/glsa/glsa-201209-01.xml http://www.adobe.com/support/security/bulletins/apsb12-19.html https://access.redhat.com/security/cve/CVE-2012-4167 https://bugzilla.redhat.com/show_bug.cgi?id=850528 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 95%CPEs: 262EXPL: 1CVE-2012-1535 – Adobe Flash Player Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-1535
Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted SWF content, as exploited in the wild in August 2012 with SWF content in a Word document. Vulnerabilidad no especificada en Adobe Flash Player anterior a v11.3.300.271 en Windows y Mac OS X y anterior a v11.2.202.238 en Linux permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (caída de la aplicación) a través de contenido SWF especialmente diseñado, como se explotó en Agosto de 2012 con el contenido de un SWF en un documento Word. Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute arbitrary code or cause a denial of service via crafted SWF content. • https://www.exploit-db.com/exploits/20624 http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00012.html http://marc.info/?l=bugtraq&m=139455789818399&w=2 http://rhn.redhat.com/errata/RHSA-2012-1203.html http://security.gentoo.org/glsa/glsa-201209-01.xml http://www.adobe.com/support/security/bulletins/apsb12-18.html https://access.redhat.com/security/cve/CVE-2012-1535 https://bugzilla.red •
CVSS: 9.3EPSS: 1%CPEs: 25EXPL: 0CVE-2012-2037 – flash-plugin: multiple code execution flaws (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2037
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2034. Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior a v10.3.183.20 y v11.x anterior a v11.2.202.236 en Linux; anterior a v11.1.111.10 en Android v2.x y v3.x; y anterior a v11.1.115.9 en Android v4.x, y Adobe AIR anterior a v3.3.0.3610, permite a atacantes ejecutar comandos o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, es una vulnerabilidad distinta a CVE-2012-2034. • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html http://rhn.redhat.com/errata/RHSA-2012-0722.html http://www.adobe.com/support/security/bulletins/apsb12-14.html https://access.redhat.com/security/cve/CVE-2012-2037 https://bugzilla.redhat.com/show_bug.cgi?id=830310 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 25EXPL: 0CVE-2012-2034 – Adobe Flash Player Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2012-2034
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2037. Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior a v10.3.183.20 y v11.x anterior a v11.2.202.236 en Linux; anterior a v11.1.111.10 en Android v2.x y v3.x; y anterior a v11.1.115.9 en Android v4.x, y Adobe AIR anterior a v3.3.0.3610, permite a atacantes ejecutar comandos o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, es una vulnerabilidad distinta a CVE-2012-2034. Adobe Flash Player contains a memory corruption vulnerability that allows for remote code execution or denial-of-service (DoS). • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html http://rhn.redhat.com/errata/RHSA-2012-0722.html http://www.adobe.com/support/security/bulletins/apsb12-14.html https://access.redhat.com/security/cve/CVE-2012-2034 https://bugzilla.redhat.com/show_bug.cgi?id=830310 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •