CVSS: 9.3EPSS: 2%CPEs: 13EXPL: 0CVE-2017-2990 – flash-plugin: multiple code execution issues fixed in APSB17-04
https://notcve.org/view.php?id=CVE-2017-2990
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 decompression routine. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de corrupción de memoria en la rutina de descompresión h264. La explotación exitosa podría conducir a la ejecución de código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0275.html http://www.securityfocus.com/bid/96190 http://www.securitytracker.com/id/1037815 https://helpx.adobe.com/security/products/flash-player/apsb17-04.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2990 https://bugzilla.redhat.com/show_bug.cgi?id=1422237 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 2%CPEs: 13EXPL: 0CVE-2017-2991 – flash-plugin: multiple code execution issues fixed in APSB17-04
https://notcve.org/view.php?id=CVE-2017-2991
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in the h264 codec (related to decompression). Successful exploitation could lead to arbitrary code execution. Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de corrupción de memoria en el códec h264 (relacionado con la descompresión). La explotación exitosa podría conducir a la ejecución de código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0275.html http://www.securityfocus.com/bid/96190 http://www.securitytracker.com/id/1037815 https://helpx.adobe.com/security/products/flash-player/apsb17-04.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2991 https://bugzilla.redhat.com/show_bug.cgi?id=1422237 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 90%CPEs: 13EXPL: 1CVE-2017-2992 – Adobe Flash - MP4 AMF Parsing Overflow
https://notcve.org/view.php?id=CVE-2017-2992
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de desbordamiento de memoria dinámica cuando se analiza una cabecera MP4. La explotación exitosa podría conducir a la ejecución de código arbitrario. Adobe Flash suffers from an overflow vulnerability during MP4 AMF parsing. • https://www.exploit-db.com/exploits/41420 http://rhn.redhat.com/errata/RHSA-2017-0275.html http://www.securityfocus.com/bid/96193 http://www.securitytracker.com/id/1037815 https://helpx.adobe.com/security/products/flash-player/apsb17-04.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2992 https://bugzilla.redhat.com/show_bug.cgi?id=1422237 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 1%CPEs: 13EXPL: 0CVE-2017-2993 – flash-plugin: multiple code execution issues fixed in APSB17-04
https://notcve.org/view.php?id=CVE-2017-2993
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability related to event handlers. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de uso después de liberación relacionado con controladores de eventos. La explotación exitosa podría conducir a la ejecución de código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0275.html http://www.securityfocus.com/bid/96199 http://www.securitytracker.com/id/1037815 https://helpx.adobe.com/security/products/flash-player/apsb17-04.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2993 https://bugzilla.redhat.com/show_bug.cgi?id=1422237 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 1%CPEs: 13EXPL: 0CVE-2017-2994 – Adobe Flash PSDKEvent Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-2994
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in Primetime SDK event dispatch. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de uso después de liberación en el envío de eventos de Primetime SDK. La explotación exitosa podría conducir a la ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://rhn.redhat.com/errata/RHSA-2017-0526.html http://www.securityfocus.com/bid/96199 http://www.securitytracker.com/id/1037815 https://helpx.adobe.com/security/products/flash-player/apsb17-04.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2994 https://bugzilla.redhat.com/show_bug.cgi?id=1432200 • CWE-416: Use After Free •