CVSS: 9.3EPSS: 1%CPEs: 13EXPL: 0CVE-2017-2982 – flash-plugin: multiple code execution issues fixed in APSB17-04
https://notcve.org/view.php?id=CVE-2017-2982
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable use after free vulnerability in a routine related to player shutdown. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de uso después de liberación en una rutina relacionada con el apagado del reproductor. La explotación exitosa podría conducir a la ejecución de código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0275.html http://www.securityfocus.com/bid/96199 http://www.securitytracker.com/id/1037815 https://helpx.adobe.com/security/products/flash-player/apsb17-04.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2982 https://bugzilla.redhat.com/show_bug.cgi?id=1422237 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 1%CPEs: 13EXPL: 0CVE-2017-2995 – Adobe Flash Player MessageChannel Type Confusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-2995
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion vulnerability related to the MessageChannel class. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player, versiones 24.0.0.194 y anteriores, tienen una vulnerabilidad explotable de confusión de tipo relacionada con la clase MessageChannel. La explotación exitosa podría conducir a la ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://rhn.redhat.com/errata/RHSA-2017-0275.html http://www.securityfocus.com/bid/96191 http://www.securitytracker.com/id/1037815 https://helpx.adobe.com/security/products/flash-player/apsb17-04.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2995 https://bugzilla.redhat.com/show_bug.cgi?id=1422237 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.3EPSS: 1%CPEs: 13EXPL: 0CVE-2017-2937 – flash-plugin: multiple code execution issues fixed in APSB17-02
https://notcve.org/view.php?id=CVE-2017-2937
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. Successful exploitation could lead to arbitrary code execution. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad de uso después de liberación de memoria explotable en la clase ActionScript FileReference, cuando utiliza la herencia de clase. Una explotación satisfactoria podría conducir a la ejecución de código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95342 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2937 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 2%CPEs: 13EXPL: 0CVE-2017-2926 – flash-plugin: multiple code execution issues fixed in APSB17-02
https://notcve.org/view.php?id=CVE-2017-2926
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files. Successful exploitation could lead to arbitrary code execution. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad de corrupción de memoria explotable relacionado con el procesamiento de átomos en archivos MP4. Una explotación satisfactoria podría conducir a la ejecución de código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95350 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2926 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0CVE-2017-2938 – flash-plugin: multiple code execution issues fixed in APSB17-02
https://notcve.org/view.php?id=CVE-2017-2938
Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related to handling TCP connections. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad para eludir la seguridad relacionada con el manejo de conexiones TCP. • http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95341 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2938 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 •