CVSS: 9.3EPSS: 89%CPEs: 10EXPL: 1CVE-2012-0779 – Adobe Flash Player - Object Type Confusion
https://notcve.org/view.php?id=CVE-2012-0779
Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows, Mac OS X, and Linux; before 11.1.111.9 on Android 2.x and 3.x; and before 11.1.115.8 on Android 4.x allows remote attackers to execute arbitrary code via a crafted file, related to an "object confusion vulnerability," as exploited in the wild in May 2012. Adobe Flash Player antes de v10.3.183.19 y v11.x antes de v11.2.202.235 en Windows, Mac OS X, y Linux; antes de v11.1.111.9 en Android v2.x y v3.x; y antes de v11.1.115.8 en Android 4.x permite a a atacantes remotos ejecutar código de su elección a través de un campo modificado, relacionado con una vulnerabilidad "object confusion", explotado en mayo de 2012. • https://www.exploit-db.com/exploits/19369 http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00005.html http://osvdb.org/81656 http://rhn.redhat.com/errata/RHSA-2012-0688.html http://secunia.com/advisories/49038 http://secunia.com/advisories/49096 http://www.adobe.com/support/security/bulletins/apsb12-09.html http://www.securityfocus.com/bid/53395 http://www.securitytracker.com/id?1027023 ht •
CVSS: 9.3EPSS: 0%CPEs: 11EXPL: 0CVE-2012-0724
https://notcve.org/view.php?id=CVE-2012-0724
Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0725. Adobe Flash Player anterior a v11.2.202.229 en Google Chrome anterior a v18.0.1025.151 permite a atacantes provocar una denegación de servicio (corrupción de memoria) o posiblemente tener un impacto no especificado a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2012 hasta 0725. • http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-updates.html http://secunia.com/advisories/48732 http://www.adobe.com/support/security/bulletins/apsb12-07.html http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/74638 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15533 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 11EXPL: 0CVE-2012-0725
https://notcve.org/view.php?id=CVE-2012-0725
Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0724. Adobe Flash Player anteriores a v11.2.202.229 en Google Chrome anteriores a v18.0.1025.151 permiten a atacantes provocar una denegación de servicio (corrupción de memoria) o posiblemente tener un impacto no especificado a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2012-0,724. • http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-updates.html http://secunia.com/advisories/48732 http://www.adobe.com/support/security/bulletins/apsb12-07.html http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/74639 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14628 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 3%CPEs: 137EXPL: 0CVE-2012-0772
https://notcve.org/view.php?id=CVE-2012-0772
An unspecified ActiveX control in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228, and AIR before 3.2.0.2070, on Windows does not properly perform URL security domain checking, which allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors. Un control ActiveX no especificado en Adobe Flash Player 10.3.183.18 antes de y 11.x antes de 11.2.202.228, y el aire antes 3.2.0.2070, en Windows no realiza correctamente la comprobación de seguridad de URL de dominio, que permite a los atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores desconocidos. • http://osvdb.org/80706 http://secunia.com/advisories/48618 http://www.adobe.com/support/security/bulletins/apsb12-07.html http://www.securitytracker.com/id?1026859 http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15266 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 14EXPL: 0CVE-2012-0773 – flash-plugin: arbitrary code execution via memory corruption flaw in NetStream class (APSB12-07)
https://notcve.org/view.php?id=CVE-2012-0773
The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228 on Windows, Mac OS X, and Linux; Flash Player before 10.3.183.18 and 11.x before 11.2.202.223 on Solaris; Flash Player before 11.1.111.8 on Android 2.x and 3.x; and AIR before 3.2.0.2070 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. La clase NetStream en Adobe Flash Player antes de v10.3.183.18 y v11.x antes de v11.2.202.228 en Windows, Mac OS X y Linux, Flash Player antes de v10.3.183.18 y 11.x antes de v11.2.202.223 en Solaris; Flash Player antes de v11.1 .111.8 en Android 2.x y 3.x, y AIR antes v3.2.0.2070 permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00018.html http://secunia.com/advisories/48618 http://secunia.com/advisories/48652 http://secunia.com/advisories/48819 http://security.gentoo.org/glsa/glsa-201204-07.xml http://www.adobe.com/support/security/bulletins/apsb12-07.html http://www.securitytracker.com/id?1026859 http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert • CWE-787: Out-of-bounds Write •