CVSS: 9.3EPSS: 1%CPEs: 10EXPL: 0CVE-2012-0753 – flash-plugin: multiple code execution flaws (APSB12-03)
https://notcve.org/view.php?id=CVE-2012-0753
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted MP4 data. Adobe Flash Player anterior a v10.3.183.15 y v11.x anterior a v11.1.102.62 en Windows, Mac OS X, Linux, y Solaris; anterior a 11.1.111.6 en Android 2.x y 3.x; y anterior a v11.1.115.6 en Android 4.x permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) mediante paquetes MP4 manipulados • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html http://rhn.redhat.com/errata/RHSA-2012-0144.html http://secunia.com/advisories/48265 http://secunia.com/advisories/48819 http://security.gentoo.org/glsa/glsa-201204-07.xml http://www.adobe.com/support/security/bulletins/apsb12-03.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14795 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15601 h • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 1%CPEs: 10EXPL: 0CVE-2012-0752 – flash-plugin: multiple code execution flaws (APSB12-03)
https://notcve.org/view.php?id=CVE-2012-0752
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) by leveraging an unspecified "type confusion." El programa Adobe Flash Player anterior a la versión 10.3.183.15 y versión 11.x anterior a 11.1.102.62 en Windows, Mac OS X, Linux y Solaris; anterior al 11.1.111.6 en Android versión 2.x y versión 3.x; y anterior a versión 11.1.115.6 en Android versión 4.x, los atacantes pueden ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) impulsando un ataque "type confusion" no especificado. • http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00014.html http://rhn.redhat.com/errata/RHSA-2012-0144.html http://secunia.com/advisories/48265 http://secunia.com/advisories/48819 http://security.gentoo.org/glsa/glsa-201204-07.xml http://www.adobe.com/support/security/bulletins/apsb12-03.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14654 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16103 h • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 4.3EPSS: 0%CPEs: 39EXPL: 0CVE-2009-0522
https://notcve.org/view.php?id=CVE-2009-0522
Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Windows allows remote attackers to trick a user into visiting an arbitrary URL via an unspecified manipulation of the "mouse pointer display," related to a "Clickjacking attack." Adobe Flash Player 9.x antes de la 9.0.159.0 y 10.x antes de la 10.0.22.87 sobre Windows permite a atacantes remotos engañar a un usuario para que visite una URL arbitraria a través de una manipulación no especificada de la "pantalla el puntero del ratón", relacionada con un "ataque de Clickjacking ". • http://isc.sans.org/diary.html?storyid=5929 http://secunia.com/advisories/34012 http://securitytracker.com/id?1021752 http://www.adobe.com/support/security/bulletins/apsb09-01.html http://www.vupen.com/english/advisories/2009/0513 https://exchange.xforce.ibmcloud.com/vulnerabilities/48903 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6674 •
CVSS: 9.3EPSS: 25%CPEs: 38EXPL: 0CVE-2009-0519 – flash-plugin: Input validation flaw (DoS)
https://notcve.org/view.php?id=CVE-2009-0519
Unspecified vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a crafted Shockwave Flash (aka .swf) file. Vulnerabilidad no especificada en Adobe Flash Player 9.x anteriores a v9.0.159.0 y v10.x anteriores a v10.0.22.87, permiten a atacantes remotos provocar una denegación de servicio (caída del navegador) o posiblemente ejecutar código de su elección a través de un fichero Shockwave Flash (también conocido como .swf). • http://isc.sans.org/diary.html?storyid=5929 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://rhn.redhat.com/errata/RHSA-2009-0332.html http://rhn.redhat.com/errata/RHSA-2009-0334.html http://secunia.com/advisories/34012 http://secunia.com/advisories/34226 http://secunia.com/advisories/34293 http://secunia.com/advisories/35074 http://security.gentoo.org/glsa/glsa-200903-23.xml http://sunsolve.sun.com/search/document.do?assetkey=1-66-254909& • CWE-20: Improper Input Validation •
CVSS: 5.8EPSS: 1%CPEs: 39EXPL: 0CVE-2009-0114
https://notcve.org/view.php?id=CVE-2009-0114
Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking issue variant." Una vulnerabilidad no especificada en Administrador de configuración de Adobe Flash Player 9.x antes de 9.0.159.0, 10.x antes de 10.0.22.87 y, posiblemente otras versiones, permite a atacantes remotos engañar a un usuario para que visite una URL arbitraria a través de vectores desconocidos, relacionados con "una posible variante del problema de Clickjacking." • http://isc.sans.org/diary.html?storyid=5929 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://secunia.com/advisories/34226 http://secunia.com/advisories/34293 http://secunia.com/advisories/35074 http://security.gentoo.org/glsa/glsa-200903-23.xml http://securitytracker.com/id?1021751 http://sunsolve.sun.com/search/document.do?assetkey=1-66-254909-1 http://support.apple.com/kb/HT3549 http://www.adobe.com/support/security/bulletins/apsb09-01.html •