Page 24 of 129 results (0.007 seconds)

CVSS: 10.0EPSS: 50%CPEs: 31EXPL: 0

CVE-2015-0349 – Adobe Flash Player AS3 ConvolutionFilter Use-After-Free Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2015-0349

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0351, CVE-2015-0358, and CVE-2015-3039. Vulnerabilidad de uso después de liberación en Adobe Flash Player anterior a 13.0.0.281 y 14.x hasta 17.x anterior a 17.0.0.169 en Windows y OS X y anterior a 11.2.202.457 en Linux permite a atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-0351, CVE-2015-0358, y CVE-2015-3039. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of AS3 ConvolutionFilter objects. By manipulating the matrix property of a ConvolutionFilter object, an attacker can force a dangling pointer to be reused after it has been freed. • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html http://rhn.redhat.com/errata/RHSA-2015-0813.html http://www.securityfocus.com/bid/74064 http://www.securitytracker.com/id/1032105 https://helpx.adobe.com/security/products/flash-player/apsb15-06.htm •

CVSS: 10.0EPSS: 50%CPEs: 31EXPL: 0

CVE-2015-3039 – Adobe Flash Player AS2 ConvolutionFilter Use-After-Free Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2015-3039

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0351, and CVE-2015-0358. Vulnerabilidad de uso después de liberación en Adobe Flash Player anterior a 13.0.0.281 y 14.x hasta 17.x anterior a 17.0.0.169 en Windows y OS X y anterior a 11.2.202.457 en Linux permite a atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-0349, CVE-2015-0351 y CVE-2015-0358. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of AS2 ConvolutionFilter objects. By manipulating the matrix property of a ConvolutionFilter object, an attacker can force a dangling pointer to be reused after it has been freed. • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html http://rhn.redhat.com/errata/RHSA-2015-0813.html http://www.securityfocus.com/bid/74064 http://www.securitytracker.com/id/1032105 https://helpx.adobe.com/security/products/flash-player/apsb15-06.htm •

CVSS: 5.0EPSS: 0%CPEs: 31EXPL: 0

CVE-2015-3040 – flash-plugin: information leaks leading to ASLR bypass (APSB15-06)

https://notcve.org/view.php?id=CVE-2015-3040

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-0357. Adobe Flash Player anterior a 13.0.0.281 y 14.x hasta 17.x anterior a 17.0.0.169 en Windows y OS X y anterior a 11.2.202.457 en Linux no restringe correctamente el descubrimiento de direcciones de la memoria, lo que permite a atacantes evadir el mecanismo de protección ASLR en Windows a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-0357. • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html http://rhn.redhat.com/errata/RHSA-2015-0813.html http://www.securitytracker.com/id/1032105 https://helpx.adobe.com/security/products/flash-player/apsb15-06.html https://security.gentoo.org/glsa/2015 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 0%CPEs: 31EXPL: 0

CVE-2015-3044 – flash-plugin: security bypass leading to information disclosure (APSB15-06)

https://notcve.org/view.php?id=CVE-2015-3044

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. Adobe Flash Player anterior a 13.0.0.281 y 14.x hasta 17.x anterior a 17.0.0.169 en Windows y OS X y anterior a 11.2.202.457 en Linux permite a atacantes evadir restricciones de acceso y obtener información sensible a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-05 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 10.0EPSS: 97%CPEs: 96EXPL: 2

CVE-2015-0240 – Samba < 3.6.2 (x86) - Denial of Service (PoC)

https://notcve.org/view.php?id=CVE-2015-0240

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c. La implentación del servidor Netlogon en smbd en Samba 3.5.x y 3.6.x anterior a 3.6.25, 4.0.x anterior a 4.0.25, 4.1.x anterior a 4.1.17, y 4.2.x anterior a 4.2.0rc5 realiza una operación libre sobre un puntero de pila no inicializado, lo que permite a atacantes remotos ejecutar código arbitrario a través de paquetes Netlogon manipulados que utilizan la API RPC ServerPasswordSet, tal y como fue demostrado mediante paquetes alcanzando la función _netr_ServerPasswordSet en rpc_server/netlogon/srv_netlog_nt.c. An uninitialized pointer use flaw was found in the Samba daemon (smbd). A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd (by default, the root user). • https://www.exploit-db.com/exploits/36741 http://advisories.mageia.org/MGASA-2015-0084.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00030.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00042.html http://lists.opensuse.org/opensuse- • CWE-17: DEPRECATED: Code CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •