CVSS: 9.3EPSS: 88%CPEs: 13EXPL: 1CVE-2017-2934 – Adobe Flash - ATF Planar Decompression Heap Overflow
https://notcve.org/view.php?id=CVE-2017-2934
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when parsing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad de desbordamiento de memoria dinámica explotable cuando analizan archivos Adobe Texture Format. Una explotación satisfactoria podría conducir a la ejecución de código arbitrario. Adobe Flash suffers from a heap overflow vulnerability in ATF Planar Decompression. • https://www.exploit-db.com/exploits/41611 http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95347 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2934 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 89%CPEs: 13EXPL: 1CVE-2017-2935 – Adobe Flash - AVC Header Slicing Heap Overflow
https://notcve.org/view.php?id=CVE-2017-2935
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing the Flash Video container file format. Successful exploitation could lead to arbitrary code execution. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad de desbordamiento de memoria dinámica explotable cuando procesan el formato de archivo contenedor Flash Video. Una explotación satisfactoria podría conducir a la ejecución de código arbitrario. Adobe Flash suffers from a heap overflow vulnerability in AVC header slicing. • https://www.exploit-db.com/exploits/41612 http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95347 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2935 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 1%CPEs: 13EXPL: 0CVE-2017-2936 – flash-plugin: multiple code execution issues fixed in APSB17-02
https://notcve.org/view.php?id=CVE-2017-2936
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class. Successful exploitation could lead to arbitrary code execution. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad de uso después de liberación de memoria explotable en la clase ActionScript FileReference. Una explotación satisfactoria podría conducir a la ejecución de código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95342 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2936 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 1%CPEs: 13EXPL: 0CVE-2017-2937 – flash-plugin: multiple code execution issues fixed in APSB17-02
https://notcve.org/view.php?id=CVE-2017-2937
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. Successful exploitation could lead to arbitrary code execution. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad de uso después de liberación de memoria explotable en la clase ActionScript FileReference, cuando utiliza la herencia de clase. Una explotación satisfactoria podría conducir a la ejecución de código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95342 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2937 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 0CVE-2017-2938 – flash-plugin: multiple code execution issues fixed in APSB17-02
https://notcve.org/view.php?id=CVE-2017-2938
Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related to handling TCP connections. Las versiones Adobe Flash Player 24.0.0.186 y anteriores tienen una vulnerabilidad para eludir la seguridad relacionada con el manejo de conexiones TCP. • http://rhn.redhat.com/errata/RHSA-2017-0057.html http://www.securityfocus.com/bid/95341 http://www.securitytracker.com/id/1037570 https://helpx.adobe.com/security/products/flash-player/apsb17-02.html https://security.gentoo.org/glsa/201702-20 https://access.redhat.com/security/cve/CVE-2017-2938 https://bugzilla.redhat.com/show_bug.cgi?id=1411929 •