CVSS: 4.3EPSS: 0%CPEs: 25EXPL: 0CVE-2012-2038 – flash-plugin: information disclosure flaw (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2038
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior a v10.3.183.20 y v11.x anterior a v11.2.202.236 en Linux; anterior a v11.1.111.10 en Android v2.x y v3.x; y anterior a v11.1.115.9 en Android v4.x, y Adobe AIR anterior a v3.3.0.3610, permite a atacantes evitar las restricciones de acceso y obtener información sensible a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html http://rhn.redhat.com/errata/RHSA-2012-0722.html http://www.adobe.com/support/security/bulletins/apsb12-14.html https://access.redhat.com/security/cve/CVE-2012-2038 https://bugzilla.redhat.com/show_bug.cgi?id=830311 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 25EXPL: 0CVE-2012-2035 – flash-plugin: multiple code execution flaws (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2035
Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer basado en pila en Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior a v10.3.183.20 y v11.x anterior a v11.2.202.236 en Linux; anterior a v11.1.111.10 en Android v2.x y v3.x; y anterior a v11.1.115.9 en Android v4.x, y Adobe AIR anterior a v3.3.0.3610, permite a atacantes ejecutar comandos a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html http://rhn.redhat.com/errata/RHSA-2012-0722.html http://www.adobe.com/support/security/bulletins/apsb12-14.html https://access.redhat.com/security/cve/CVE-2012-2035 https://bugzilla.redhat.com/show_bug.cgi?id=830310 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 89%CPEs: 10EXPL: 1CVE-2012-0779 – Adobe Flash Player - Object Type Confusion
https://notcve.org/view.php?id=CVE-2012-0779
Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows, Mac OS X, and Linux; before 11.1.111.9 on Android 2.x and 3.x; and before 11.1.115.8 on Android 4.x allows remote attackers to execute arbitrary code via a crafted file, related to an "object confusion vulnerability," as exploited in the wild in May 2012. Adobe Flash Player antes de v10.3.183.19 y v11.x antes de v11.2.202.235 en Windows, Mac OS X, y Linux; antes de v11.1.111.9 en Android v2.x y v3.x; y antes de v11.1.115.8 en Android 4.x permite a a atacantes remotos ejecutar código de su elección a través de un campo modificado, relacionado con una vulnerabilidad "object confusion", explotado en mayo de 2012. • https://www.exploit-db.com/exploits/19369 http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00005.html http://osvdb.org/81656 http://rhn.redhat.com/errata/RHSA-2012-0688.html http://secunia.com/advisories/49038 http://secunia.com/advisories/49096 http://www.adobe.com/support/security/bulletins/apsb12-09.html http://www.securityfocus.com/bid/53395 http://www.securitytracker.com/id?1027023 ht •
CVSS: 9.3EPSS: 0%CPEs: 11EXPL: 0CVE-2012-0724
https://notcve.org/view.php?id=CVE-2012-0724
Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0725. Adobe Flash Player anterior a v11.2.202.229 en Google Chrome anterior a v18.0.1025.151 permite a atacantes provocar una denegación de servicio (corrupción de memoria) o posiblemente tener un impacto no especificado a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2012 hasta 0725. • http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-updates.html http://secunia.com/advisories/48732 http://www.adobe.com/support/security/bulletins/apsb12-07.html http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/74638 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15533 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 11EXPL: 0CVE-2012-0725
https://notcve.org/view.php?id=CVE-2012-0725
Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0724. Adobe Flash Player anteriores a v11.2.202.229 en Google Chrome anteriores a v18.0.1025.151 permiten a atacantes provocar una denegación de servicio (corrupción de memoria) o posiblemente tener un impacto no especificado a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2012-0,724. • http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-updates.html http://secunia.com/advisories/48732 http://www.adobe.com/support/security/bulletins/apsb12-07.html http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/74639 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14628 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •