CVSS: 9.3EPSS: 1%CPEs: 13EXPL: 0CVE-2017-2927 – flash-plugin: multiple code execution issues fixed in APSB17-02
https://notcve.org/view.php?id=CVE-2017-2927
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad de desbordamiento de memoria dinámica explotable cuando procesa archivos Adobe Texture Format. Una explotación satisfactoria podría conducir a la ejecución de código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95347 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2927 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 89%CPEs: 13EXPL: 1CVE-2017-2933 – Adobe Flash - ATF Thumbnailing Heap Overflow
https://notcve.org/view.php?id=CVE-2017-2933
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability related to texture compression. Successful exploitation could lead to arbitrary code execution. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad de desbordamiento de memoria dinámica explotable relacionado con la compresión de textura. Una explotación satisfactoria podría conducir a la ejecución de código arbitrario. Adobe Flash suffers from a heap overflow vulnerability in ATF thumbnailing. • https://www.exploit-db.com/exploits/41610 http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95347 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2933 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 39%CPEs: 13EXPL: 1CVE-2017-2931 – Adobe Flash - Metadata Parsing Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2017-2931
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to the parsing of SWF metadata. Successful exploitation could lead to arbitrary code execution. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad de corrupción de memoria explotable relacionado con el análisis de metadatos SWF. Una explotación satisfactoria podría conducir a la ejecución de código arbitrario. Adobe Flash suffers from an out-of-bounds read in metadata parsing. • https://www.exploit-db.com/exploits/41608 http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95350 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2931 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 91%CPEs: 13EXPL: 1CVE-2017-2932 – Adobe Flash - MovieClip Attach init Object Use-After-Free
https://notcve.org/view.php?id=CVE-2017-2932
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript MovieClip class. Successful exploitation could lead to arbitrary code execution. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad de uso después de liberación de memoria explotable en la clase ActionScript MovieClip. Una explotación satisfactoria podría conducir a la ejecución de código arbitrario. Adobe Flash suffers from a use-after-free in MovieClip attach init object. • https://www.exploit-db.com/exploits/41609 http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95342 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2932 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0CVE-2017-2938 – flash-plugin: multiple code execution issues fixed in APSB17-02
https://notcve.org/view.php?id=CVE-2017-2938
Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related to handling TCP connections. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad para eludir la seguridad relacionada con el manejo de conexiones TCP. • http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95341 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2938 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 •