CVSS: 9.3EPSS: 1%CPEs: 14EXPL: 0CVE-2016-7880 – flash-plugin: multiple code execution issues fixed in APSB16-39
https://notcve.org/view.php?id=CVE-2016-7880
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versión 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de uso después de liberación de memoria cuando establece la propiedad de longitud de un objeto de array. Una explotación exitosa puede resultar en una ejecución de código arbitrario. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html http://rhn.redhat.com/errata/RHSA-2016-2947.html http://www.securityfocus.com/bid/94873 http://www.securitytracker.com/id/1037442 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 https://helpx.adobe.com/security/products/flash-player/apsb16-39.html https://security.gentoo.org/glsa/201701-17 https://access.redhat. • CWE-416: Use After Free •
CVSS: 9.3EPSS: 1%CPEs: 14EXPL: 0CVE-2016-7881 – flash-plugin: multiple code execution issues fixed in APSB16-39
https://notcve.org/view.php?id=CVE-2016-7881
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versión 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de uso después de liberación de memoria en MovieClip class cuando al maneja la conversión a un objeto. Una explotación exitosa puede resultar en una ejecución de código arbitrario. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html http://rhn.redhat.com/errata/RHSA-2016-2947.html http://www.securityfocus.com/bid/94873 http://www.securitytracker.com/id/1037442 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 https://helpx.adobe.com/security/products/flash-player/apsb16-39.html https://security.gentoo.org/glsa/201701-17 https://access.redhat. • CWE-416: Use After Free •
CVSS: 8.8EPSS: 2%CPEs: 14EXPL: 0CVE-2016-7890 – flash-plugin: multiple code execution issues fixed in APSB16-39
https://notcve.org/view.php?id=CVE-2016-7890
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy. Adobe Flash Player versión 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tiene una vulnerabilidad de elusión de seguridad en la implementación en la misma política de origen. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html http://rhn.redhat.com/errata/RHSA-2016-2947.html http://www.securityfocus.com/bid/94870 http://www.securitytracker.com/id/1037442 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 https://helpx.adobe.com/security/products/flash-player/apsb16-39.html https://security.gentoo.org/glsa/201701-17 https://access.redhat. •
CVSS: 9.3EPSS: 2%CPEs: 14EXPL: 0CVE-2016-7892 – Adobe Flash Player Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2016-7892
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versión 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de uso después de liberación de memoria en TextField class. Una explotación exitosa podría conducir a la ejecución de código arbitrario. Adobe Flash Player has an exploitable use-after-free vulnerability in the TextField class. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html http://rhn.redhat.com/errata/RHSA-2016-2947.html http://www.securityfocus.com/bid/94877 http://www.securitytracker.com/id/1037442 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 https://helpx.adobe.com/security/products/flash-player/apsb16-39.html https://security.gentoo.org/glsa/201701-17 https://access.redhat. • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 14EXPL: 0CVE-2016-7867 – Adobe Flash Player RegExp MARK Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-7867
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versión 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de desbordamiento/vaciado de búfer en la clase RegExp relacionada con marcadores en búsquedas. Una explotación exitosa puede resultar en una ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html http://rhn.redhat.com/errata/RHSA-2016-2947.html http://www.securityfocus.com/bid/94871 http://www.securitytracker.com/id/1037442 http://www.zerodayinitiative.com/advisories/ZDI-16-622 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 https://helpx.adobe.com/security/products/flash-player/apsb16-39.html https://securi • CWE-787: Out-of-bounds Write •