CVSS: 9.3EPSS: 1%CPEs: 13EXPL: 0CVE-2017-2984 – flash-plugin: multiple code execution issues fixed in APSB17-04
https://notcve.org/view.php?id=CVE-2017-2984
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the h264 decoder routine. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de desbordamiento de memoria dinámica en la rutina del decodificador h264. La explotación exitosa podría conducir a la ejecución de código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0275.html http://www.securityfocus.com/bid/96193 http://www.securitytracker.com/id/1037815 https://helpx.adobe.com/security/products/flash-player/apsb17-04.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2984 https://bugzilla.redhat.com/show_bug.cgi?id=1422237 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 94%CPEs: 13EXPL: 1CVE-2017-2985 – Adobe Flash - Use-After-Free in Applying Bitmap Filter
https://notcve.org/view.php?id=CVE-2017-2985
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in the ActionScript 3 BitmapData class. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de uso después de liberación en la clase ActionScript 3 BitmapData. La explotación exitosa podría conducir a la ejecución de código arbitrario. Adobe Flash suffers from a use-after-free vulnerability in applying bitmapfilter. • https://www.exploit-db.com/exploits/41422 http://rhn.redhat.com/errata/RHSA-2017-0275.html http://www.securityfocus.com/bid/96199 http://www.securitytracker.com/id/1037815 https://helpx.adobe.com/security/products/flash-player/apsb17-04.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2985 https://bugzilla.redhat.com/show_bug.cgi?id=1422237 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 91%CPEs: 13EXPL: 1CVE-2017-2986 – Adobe Flash - YUVPlane Decoding Heap Overflow
https://notcve.org/view.php?id=CVE-2017-2986
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability in the Flash Video (FLV) codec. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de desbordamiento de memoria dinámica en el códec de Flash Video (FLV). La explotación exitosa podría conducir a la ejecución de código arbitrario. Adobe Flash suffers from a heap overflow vulnerability during YUVPLane decoding. • https://www.exploit-db.com/exploits/41423 http://rhn.redhat.com/errata/RHSA-2017-0275.html http://www.securityfocus.com/bid/96193 http://www.securitytracker.com/id/1037815 https://helpx.adobe.com/security/products/flash-player/apsb17-04.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2986 https://bugzilla.redhat.com/show_bug.cgi?id=1422237 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 2%CPEs: 13EXPL: 0CVE-2017-2987 – flash-plugin: multiple code execution issues fixed in APSB17-04
https://notcve.org/view.php?id=CVE-2017-2987
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable integer overflow vulnerability related to Flash Broker COM. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de desbordamiento de entero relacionada con Flash Broker COM. La explotación exitosa podría conducir a la ejecución de código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0275.html http://www.securityfocus.com/bid/96194 http://www.securitytracker.com/id/1037815 https://helpx.adobe.com/security/products/flash-player/apsb17-04.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2987 https://bugzilla.redhat.com/show_bug.cgi?id=1422237 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 91%CPEs: 13EXPL: 1CVE-2017-2988 – Adobe Flash - SWF Stack Corruption
https://notcve.org/view.php?id=CVE-2017-2988
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability when performing garbage collection. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de corrupción de memoria cuando se realiza la recolección de elementos no utilizados. La explotación exitosa podría conducir a la ejecución de código arbitrario. Adobe Flash suffers from a stack corruption vulnerability using a fuzzed SWF file. • https://www.exploit-db.com/exploits/41421 http://rhn.redhat.com/errata/RHSA-2017-0275.html http://www.securityfocus.com/bid/96190 http://www.securitytracker.com/id/1037815 https://helpx.adobe.com/security/products/flash-player/apsb17-04.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2988 https://bugzilla.redhat.com/show_bug.cgi?id=1422237 • CWE-787: Out-of-bounds Write •