Page 185 of 1094 results (0.010 seconds)

CVSS: 9.3EPSS: 4%CPEs: 104EXPL: 0

CVE-2011-2430 – flash-plugin: critical flaws fixed in APSB11-26

https://notcve.org/view.php?id=CVE-2011-2430

Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via crafted streaming media, related to a "logic error vulnerability." Adobe Flash Player antes de v10.3.183.10 en Windows, Mac OS X, Linux y Solaris, y antes de v10.3.186.7 en Android, permite a atacantes remotos ejecutar código de su elección a través de medios de transmisión modificados, relacionado con una "vulnerabilidad de error lógico" • http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00025.html http://secunia.com/advisories/48308 http://www.adobe.com/support/security/bulletins/apsb11-26.html http://www.redhat.com/support/errata/RHSA-2011-1333.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13809 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16116 https://access.redhat.com/security/cve/CVE-2011-2430 https://bugzilla.redhat.com • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 1%CPEs: 104EXPL: 0

CVE-2011-2427 – flash-plugin: critical flaws fixed in APSB11-26

https://notcve.org/view.php?id=CVE-2011-2427

Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to execute arbitrary code or cause a denial of service via unspecified vectors. Desbordamiento de búfer basado en pila en el componente ActionScript Virtual Machine (AVM) de Adobe Flash Player antes de v10.3.183.10 en Windows, Mac OS X, Linux y Solaris, y antes de v10.3.186.7 en Android, permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00025.html http://secunia.com/advisories/48308 http://www.adobe.com/support/security/bulletins/apsb11-26.html http://www.redhat.com/support/errata/RHSA-2011-1333.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14125 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15950 https://access.redhat.com/security/cve/CVE-2011-2427 https://bugzilla.redhat.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 10%CPEs: 104EXPL: 0

CVE-2011-2426 – flash-plugin: critical flaws fixed in APSB11-26

https://notcve.org/view.php?id=CVE-2011-2426

Stack-based buffer overflow in the ActionScript Virtual Machine (AVM) component in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer basado en pila en el componente ActionScript Virtual Machine (AVM) de Adobe Flash Player antes de v10.3.183.10 en Windows, Mac OS X, Linux y Solaris, y antes de v10.3.186.7 en Android, permite a atacantes remotos ejecutar código de su elección a través de vectores no especificadeos. • http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00025.html http://secunia.com/advisories/48308 http://www.adobe.com/support/security/bulletins/apsb11-26.html http://www.redhat.com/support/errata/RHSA-2011-1333.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14070 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15366 https://access.redhat.com/security/cve/CVE-2011-2426 https://bugzilla.redhat.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 104EXPL: 0

CVE-2011-2444 – flash-plugin: Cross-site scripting vulnerability fixed in APSB11-26

https://notcve.org/view.php?id=CVE-2011-2444

Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a "universal cross-site scripting issue," as exploited in the wild in September 2011. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Adobe Flash Player antes de v10.3.183.10 en Windows, Mac OS X, Linux y Solaris, y antes de v10.3.186.7 en Android, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de una URL modificada, relacionado con un "fallo de secuencias de comandos en sitios cruzados universal" como se explotó en Septiembre de 2011. • http://googlechromereleases.blogspot.com/2011/09/stable-channel-update_20.html http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00025.html http://secunia.com/advisories/48308 http://www.adobe.com/support/security/bulletins/apsb11-26.html http://www.redhat.com/support/errata/RHSA-2011-1333.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14050 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15272 https:/&#x • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.3EPSS: 26%CPEs: 124EXPL: 0

CVE-2011-2424 – flash-plugin: multiple arbitrary code execution flaws (APSB-11-21)

https://notcve.org/view.php?id=CVE-2011-2424

Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SWF file, as demonstrated by "about 400 unique crash signatures." Adobe Flash Player anterior a v10.3.183.5 en Windows, Mac OS X, Linux y Solaris, y anterior a v10.3.186.3 en Android, y Adobe AIR anterior a v2.7.1 en Windows y Mac OS X y anterior a v2.7.1.1961 en Android, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un archivo SWF espacialmente manipulado, como lo demuestran los "cerca de 400 firmas de caída". • http://blogs.adobe.com/asset/2011/08/how-did-you-get-to-that-number.html http://googleonlinesecurity.blogspot.com/2011/08/fuzzing-at-scale.html http://twitter.com/taviso/statuses/101046246277521409 http://twitter.com/taviso/statuses/101046396790128640 http://www.adobe.com/support/security/bulletins/apsb11-21.html http://www.redhat.com/support/errata/RHSA-2011-1144.html http://www.us-cert.gov/cas/techalerts/TA11-222A.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •