CVSS: 9.3EPSS: 13%CPEs: 75EXPL: 0CVE-2011-0577 – flash-plugin: multiple code execution flaws (APSB11-02)
https://notcve.org/view.php?id=CVE-2011-0577
Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 allows remote attackers to execute arbitrary code via a crafted font. Vulnerabilidad no especificada en Adobe Flash Player antes de v10.2.152.26 permite a atacantes remotos ejecutar código arbitrario a través de una fuente manipulada. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2 http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00003.html http://osvdb.org/70920 http://secunia.com/advisories/43267 http://secunia.com/advisories/43292 http://secunia.com/advisories/43340 http://secunia.com/advisories/43351 http://secunia.com/advisories/43747 http://www.adobe.com/support/security/bulletins/apsb11-02.html http://www.redhat.com/support/errata/RHSA-2011-0206.html http:/&# •
CVSS: 9.3EPSS: 1%CPEs: 75EXPL: 0CVE-2011-0559 – flash-plugin: multiple code execution flaws (APSB11-02)
https://notcve.org/view.php?id=CVE-2011-0559
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608. Adobe Flash Player anterior a v10.2.152.26, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria) a través de vectores sin especificar. Vulnerabilidad distinta de CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, y CVE-2011-0608. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=894 http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00003.html http://secunia.com/advisories/43267 http://secunia.com/advisories/43292 http://secunia.com/advisories/43340 http://secunia.com/advisories/43351 http://secunia.com/advisories/43747 http://www.adobe.com/support/security/bulletins/apsb11-02.html http://www.redhat.com/su • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 75EXPL: 0CVE-2011-0558 – flash-plugin: multiple code execution flaws (APSB11-02)
https://notcve.org/view.php?id=CVE-2011-0558
Integer overflow in Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code via a large array length value in the ActionScript method of the Function class. El desbordamiento de enteros en Adobe Flash Player anterior a versión 10.2.152.26 permite a los atacantes ejecutar código arbitrario por medio de un valor de longitud de matriz grande en el método ActionScript de la clase Function. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=893 http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00003.html http://secunia.com/advisories/43267 http://secunia.com/advisories/43292 http://secunia.com/advisories/43340 http://secunia.com/advisories/43351 http://secunia.com/advisories/43747 http://www.adobe.com/support/security/bulletins/apsb11-02.html http://www.redhat.com/su • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 1%CPEs: 75EXPL: 0CVE-2011-0578 – Adobe Flash Player Point Object Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0578
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a constructor for an unspecified ActionScript3 object and improper type checking, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0607, and CVE-2011-0608. Adobe Flash Player anterior a v10.2.152.26, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria) a través de vectores sin especificar. Vulnerabilidad distinta de CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0607, y CVE-2011-0608. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within construction of a specific ActionScript3 object. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash2 http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00003.html http://osvdb.org/70921 http://secunia.com/advisories/43267 http://secunia.com/advisories/43292 http://secunia.com/advisories/43340 http://secunia.com/advisories/43351 http://secunia.com/advisories/43747 http://www.adobe.com/support/security/bulletins/apsb11-02.html http://www.redhat.com/support/errata/RHSA-2011-0206.html http:/&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2010-3647 – flash-plugin: security bulletin APSB10-26
https://notcve.org/view.php?id=CVE-2010-3647
Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652. Vulnerabilidad no especificada en Adobe Flash Player anterior a v9.0.289.0 y v10.x anterior a v10.1.102.64 en Windows, Mac OS X, Linux, y Solaris, y v10.1.95.1 en Android, permite a atacantes ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria) a través de vectores desconocidos, una vulnerabilidad diferente que CVE-2010-3640, CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, y CVE-2010-3652. • http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1 http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html http://marc.info/?l=bugtraq&m=130331642631603&w=2 http://secunia.com/advisories/42183 http://secunia.com/advisories/42926 http://secunia.com/advisories/43026 http://security.gentoo.org/glsa/glsa-201101-09.xml http://support.apple.com/kb/HT4435 http:// •