Page 188 of 959 results (0.022 seconds)

CVSS: 9.3EPSS: 25%CPEs: 38EXPL: 0

CVE-2009-0519 – flash-plugin: Input validation flaw (DoS)

https://notcve.org/view.php?id=CVE-2009-0519

Unspecified vulnerability in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a crafted Shockwave Flash (aka .swf) file. Vulnerabilidad no especificada en Adobe Flash Player 9.x anteriores a v9.0.159.0 y v10.x anteriores a v10.0.22.87, permiten a atacantes remotos provocar una denegación de servicio (caída del navegador) o posiblemente ejecutar código de su elección a través de un fichero Shockwave Flash (también conocido como .swf). • http://isc.sans.org/diary.html?storyid=5929 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://rhn.redhat.com/errata/RHSA-2009-0332.html http://rhn.redhat.com/errata/RHSA-2009-0334.html http://secunia.com/advisories/34012 http://secunia.com/advisories/34226 http://secunia.com/advisories/34293 http://secunia.com/advisories/35074 http://security.gentoo.org/glsa/glsa-200903-23.xml http://sunsolve.sun.com/search/document.do?assetkey=1-66-254909& • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 39%CPEs: 38EXPL: 1

CVE-2009-0520 – Adobe Flash Player 9/10 - Invalid Object Reference Remote Code Execution

https://notcve.org/view.php?id=CVE-2009-0520

Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a "buffer overflow issue." Adobe Flash Player v9.x anteriores a v9.0.159.0 y 10.x before 10.0.22.87 no elimina apropiadamente referencias a objetos destruidos durante el procesado de un archivo Shockwave Flash, lo que permite a los atacantes remotos ejecutar arbitrariamente código a través de un fichero manipulado, en relación a un "asunto de desbordamiento de búfer". • https://www.exploit-db.com/exploits/32811 http://isc.sans.org/diary.html?storyid=5929 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=773 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://rhn.redhat.com/errata/RHSA-2009-0332.html http://rhn.redhat.com/errata/RHSA-2009-0334.html http://secunia.com/advisories/34012 http://secunia.com/advisories/34226 http://secunia.com/advisories/34293 http://secunia.com/advisories/35074 http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 23EXPL: 0

CVE-2008-4821 – jar: protocol handler

https://notcve.org/view.php?id=CVE-2008-4821

Adobe Flash Player 9.0.124.0 and earlier, when a Mozilla browser is used, does not properly interpret jar: URLs, which allows attackers to obtain sensitive information via unknown vectors. Adobe Flash Player 9.0.124.0 y anteriores, cuando se usa un navegador de Mozilla, no interpreta adecuadamente URLs jar:, lo que permite a atacantes obtener información sensible mediante vectores desconocidos. • http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html http://secunia.com/advisories/32702 http://secunia.com/advisories/33179 http://secunia.com/advisories/33390 http://secunia.com/advisories/34226 http://security.gentoo.org/glsa/glsa-200903-23.xml http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1 http://support.apple.com/kb/HT3338 http://support.avaya.com/elmodocs2/security/ASA-2008-440.htm http://support.avaya.com/elmodocs2/securit • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.8EPSS: 2%CPEs: 20EXPL: 0

CVE-2008-4822 – Flash Player policy file interpretation flaw

https://notcve.org/view.php?id=CVE-2008-4822

Adobe Flash Player 9.0.124.0 and earlier does not properly interpret policy files, which allows remote attackers to bypass a non-root domain policy. Adobe Flash Player v9.0.124.0 y anteriores no interpretan de forma adecuada los ficheros de políticas, lo que permite a atacantes remotos saltarse la política de dominio “non-root” • http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html http://secunia.com/advisories/32702 http://secunia.com/advisories/33179 http://secunia.com/advisories/33390 http://secunia.com/advisories/34226 http://security.gentoo.org/glsa/glsa-200903-23.xml http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1 http://support.apple.com/kb/HT3338 http://support.avaya.com/elmodocs2/security/ASA-2008-440.htm http://support.avaya.com/elmodocs2/securit • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.8EPSS: 5%CPEs: 20EXPL: 0

CVE-2008-4819 – Flash Player DNS rebind attack

https://notcve.org/view.php?id=CVE-2008-4819

Unspecified vulnerability in Adobe Flash Player 9.0.124.0 and earlier makes it easier for remote attackers to conduct DNS rebinding attacks via unknown vectors. Vulnerabilidad no específica en Adobe Flash Player v9.0.124.0 y anteriores, facilitan a atacantes remotos conducir ataques de revinvulación DNS, mediante vectores desconocidos. • http://lists.apple.com/archives/security-announce//2008//Dec/msg00000.html http://secunia.com/advisories/32702 http://secunia.com/advisories/33179 http://secunia.com/advisories/33390 http://secunia.com/advisories/34226 http://security.gentoo.org/glsa/glsa-200903-23.xml http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1 http://support.apple.com/kb/HT3338 http://support.avaya.com/elmodocs2/security/ASA-2008-440.htm http://support.avaya.com/elmodocs2/securit •