CVSS: 9.3EPSS: 2%CPEs: 13EXPL: 0CVE-2017-2928 – flash-plugin: multiple code execution issues fixed in APSB17-02
https://notcve.org/view.php?id=CVE-2017-2928
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful exploitation could lead to arbitrary code execution. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad de corrupción de memoria explotable relacionado con la configuración de efectos del modo visual. Una explotación satisfactoria podría conducir a la ejecución de código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95350 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2928 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 93%CPEs: 13EXPL: 2CVE-2017-2930 – Adobe Flash Player 24.0.0.186 - 'ActionGetURL2' Out-of-Bounds Memory Corruption
https://notcve.org/view.php?id=CVE-2017-2930
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability due to a concurrency error when manipulating a display list. Successful exploitation could lead to arbitrary code execution. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad de corrupción de memoria explotable debido a un error de concurrencia cuando manipulan una lista de visualización. Una explotación satisfactoria podría conducir a la ejecución de código arbitrario. • https://www.exploit-db.com/exploits/41012 https://www.exploit-db.com/exploits/41008 http://packetstormsecurity.com/files/140463/Adobe-Flash-24.0.0.186-Code-Execution.html http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95350 http://www.securitytracker.com/id/1037570 https://cosig.gouv.qc.ca/en/cosig-2017-01-en https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https:// • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 39%CPEs: 13EXPL: 1CVE-2017-2931 – Adobe Flash - Metadata Parsing Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2017-2931
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to the parsing of SWF metadata. Successful exploitation could lead to arbitrary code execution. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad de corrupción de memoria explotable relacionado con el análisis de metadatos SWF. Una explotación satisfactoria podría conducir a la ejecución de código arbitrario. Adobe Flash suffers from an out-of-bounds read in metadata parsing. • https://www.exploit-db.com/exploits/41608 http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95350 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2931 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 91%CPEs: 13EXPL: 1CVE-2017-2932 – Adobe Flash - MovieClip Attach init Object Use-After-Free
https://notcve.org/view.php?id=CVE-2017-2932
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript MovieClip class. Successful exploitation could lead to arbitrary code execution. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad de uso después de liberación de memoria explotable en la clase ActionScript MovieClip. Una explotación satisfactoria podría conducir a la ejecución de código arbitrario. Adobe Flash suffers from a use-after-free in MovieClip attach init object. • https://www.exploit-db.com/exploits/41609 http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95342 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2932 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 89%CPEs: 13EXPL: 1CVE-2017-2933 – Adobe Flash - ATF Thumbnailing Heap Overflow
https://notcve.org/view.php?id=CVE-2017-2933
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability related to texture compression. Successful exploitation could lead to arbitrary code execution. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad de desbordamiento de memoria dinámica explotable relacionado con la compresión de textura. Una explotación satisfactoria podría conducir a la ejecución de código arbitrario. Adobe Flash suffers from a heap overflow vulnerability in ATF thumbnailing. • https://www.exploit-db.com/exploits/41610 http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95347 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2933 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 • CWE-787: Out-of-bounds Write •