CVSS: 8.8EPSS: 1%CPEs: 14EXPL: 0CVE-2016-7867 – Adobe Flash Player RegExp MARK Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-7867
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versión 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de desbordamiento/vaciado de búfer en la clase RegExp relacionada con marcadores en búsquedas. Una explotación exitosa puede resultar en una ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html http://rhn.redhat.com/errata/RHSA-2016-2947.html http://www.securityfocus.com/bid/94871 http://www.securitytracker.com/id/1037442 http://www.zerodayinitiative.com/advisories/ZDI-16-622 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 https://helpx.adobe.com/security/products/flash-player/apsb16-39.html https://securi • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 2%CPEs: 14EXPL: 0CVE-2016-7871 – Adobe Flash Player Worker Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-7871
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable memory corruption vulnerability in the Worker class. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versión 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de corrupción de memoria en la clase Worker. Una explotación exitosa puede resultar en una ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html http://rhn.redhat.com/errata/RHSA-2016-2947.html http://www.securityfocus.com/bid/94866 http://www.securitytracker.com/id/1037442 http://www.zerodayinitiative.com/advisories/ZDI-16-627 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 https://helpx.adobe.com/security/products/flash-player/apsb16-39.html https://securi • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 14EXPL: 0CVE-2016-7869 – Adobe Flash Player RegExp PRUNE Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-7869
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versión 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de desbordamiento/vaciado de búfer en la clase RegExp relacionada con la funcionalidad de búsqueda backtrack. Una explotación exitosa puede resultar en una ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html http://rhn.redhat.com/errata/RHSA-2016-2947.html http://www.securityfocus.com/bid/94871 http://www.securitytracker.com/id/1037442 http://www.zerodayinitiative.com/advisories/ZDI-16-624 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 https://helpx.adobe.com/security/products/flash-player/apsb16-39.html https://securi • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 14EXPL: 0CVE-2016-7879 – Adobe Flash NetConnection Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-7879
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versión 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de uso después de liberación en el NetConnection class al manejar un objeto de secuencia de comandos adjunto. Una explotación exitosa puede resultar en una ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html http://rhn.redhat.com/errata/RHSA-2016-2947.html http://www.securityfocus.com/bid/94873 http://www.securitytracker.com/id/1037442 http://www.zerodayinitiative.com/advisories/ZDI-16-619 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 https://helpx.adobe.com/security/products/flash-player/apsb16-39.html https://securi • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 14EXPL: 0CVE-2016-7868 – Adobe Flash Player RegExp THEN Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-7868
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versión 23.0.0.207 y versiones anteriores, 11.2.202.644 y versiones anteriores tienen una vulnerabilidad explotable de desbordamiento/vaciado de búfer en la clase RegExp relacionada con la alteración de la funcionalidad. Una explotación exitosa puede resultar en una ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00064.html http://lists.opensuse.org/opensuse-updates/2016-12/msg00112.html http://rhn.redhat.com/errata/RHSA-2016-2947.html http://www.securityfocus.com/bid/94871 http://www.securitytracker.com/id/1037442 http://www.zerodayinitiative.com/advisories/ZDI-16-625 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-154 https://helpx.adobe.com/security/products/flash-player/apsb16-39.html https://securi • CWE-787: Out-of-bounds Write •