CVSS: 9.3EPSS: 90%CPEs: 13EXPL: 1CVE-2017-2992 – Adobe Flash - MP4 AMF Parsing Overflow
https://notcve.org/view.php?id=CVE-2017-2992
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de desbordamiento de memoria dinámica cuando se analiza una cabecera MP4. La explotación exitosa podría conducir a la ejecución de código arbitrario. Adobe Flash suffers from an overflow vulnerability during MP4 AMF parsing. • https://www.exploit-db.com/exploits/41420 http://rhn.redhat.com/errata/RHSA-2017-0275.html http://www.securityfocus.com/bid/96193 http://www.securitytracker.com/id/1037815 https://helpx.adobe.com/security/products/flash-player/apsb17-04.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2992 https://bugzilla.redhat.com/show_bug.cgi?id=1422237 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 1%CPEs: 13EXPL: 0CVE-2017-2995 – Adobe Flash Player MessageChannel Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-2995
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de confusión de tipo relacionada con la clase MessageChannel. La explotación exitosa podría conducir a la ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://rhn.redhat.com/errata/RHSA-2017-0275.html http://www.securityfocus.com/bid/96191 http://www.securitytracker.com/id/1037815 https://helpx.adobe.com/security/products/flash-player/apsb17-04.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2995 https://bugzilla.redhat.com/show_bug.cgi?id=1422237 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.3EPSS: 2%CPEs: 13EXPL: 0CVE-2017-2925 – flash-plugin: multiple code execution issues fixed in APSB17-02
https://notcve.org/view.php?id=CVE-2017-2925
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability in the JPEG XR codec. Successful exploitation could lead to arbitrary code execution. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad de corrupción de memoria explotable en el codec JPEG XR. Una explotación satisfactoria podría conducir a la ejecución de código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95350 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2925 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 2%CPEs: 13EXPL: 0CVE-2017-2926 – flash-plugin: multiple code execution issues fixed in APSB17-02
https://notcve.org/view.php?id=CVE-2017-2926
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files. Successful exploitation could lead to arbitrary code execution. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad de corrupción de memoria explotable relacionado con el procesamiento de átomos en archivos MP4. Una explotación satisfactoria podría conducir a la ejecución de código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95350 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2926 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 88%CPEs: 13EXPL: 1CVE-2017-2934 – Adobe Flash - ATF Planar Decompression Heap Overflow
https://notcve.org/view.php?id=CVE-2017-2934
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when parsing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad de desbordamiento de memoria dinámica explotable cuando analizan archivos Adobe Texture Format. Una explotación satisfactoria podría conducir a la ejecución de código arbitrario. Adobe Flash suffers from a heap overflow vulnerability in ATF Planar Decompression. • https://www.exploit-db.com/exploits/41611 http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95347 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2934 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 • CWE-787: Out-of-bounds Write •