CVSS: 9.3EPSS: 1%CPEs: 25EXPL: 0CVE-2016-7863 – Adobe Flash TextField Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-7863
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player en versiones 23.0.0.205 y anteriores, 11.2.202.643 y anteriores tiene una vulnerabilidad de uso después de liberación de memoria aprovechable. Una explotación exitosa podría conducir a la ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://rhn.redhat.com/errata/RHSA-2016-2676.html http://www.securityfocus.com/bid/94153 http://www.securitytracker.com/id/1037240 http://www.zerodayinitiative.com/advisories/ZDI-16-599 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-141 https://helpx.adobe.com/security/products/flash-player/apsb16-37.html https://security.gentoo.org/glsa/201611-18 https://access.redhat.com/security/cve/CVE-2016-7863 https://bugzilla.redhat.com/show_bug.cgi?id=139308 • CWE-416: Use After Free •
CVSS: 9.3EPSS: 11%CPEs: 25EXPL: 0CVE-2016-7855 – Adobe Flash Player Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2016-7855
Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016. Vulnerabilidad de uso después de liberación de memoria en Adobe Flash Player en versiones anteriores a 23.0.0.205 en Windows y OS X y en versiones anteriores a 11.2.202.643 en Linux permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados, según se ha explotado activamente en octubre de 2016. Use-after-free vulnerability in Adobe Flash Player Windows and OS and Linux allows remote attackers to execute arbitrary code. • http://rhn.redhat.com/errata/RHSA-2016-2119.html http://www.securityfocus.com/bid/93861 http://www.securitytracker.com/id/1037111 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-128 https://helpx.adobe.com/security/products/flash-player/apsb16-36.html https://security.gentoo.org/glsa/201610-10 https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html https://access.redhat.com/security/cve/CVE-2016-7855 https://bugzilla.redhat.com&#x • CWE-416: Use After Free •
CVSS: 9.3EPSS: 2%CPEs: 15EXPL: 0CVE-2016-6985 – flash-plugin: multiple code execution issues fixed in APSB16-32
https://notcve.org/view.php?id=CVE-2016-6985
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990. Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versión 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989 y CVE-2016-6990. • http://rhn.redhat.com/errata/RHSA-2016-2057.html http://www.securityfocus.com/bid/93490 http://www.securitytracker.com/id/1036985 https://helpx.adobe.com/security/products/flash-player/apsb16-32.html https://security.gentoo.org/glsa/201610-10 https://access.redhat.com/security/cve/CVE-2016-6985 https://bugzilla.redhat.com/show_bug.cgi?id=1383931 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 1%CPEs: 21EXPL: 0CVE-2016-4286 – flash-plugin: multiple code execution issues fixed in APSB16-32
https://notcve.org/view.php?id=CVE-2016-4286
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to bypass intended access restrictions via unspecified vectors. Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versión 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes eludir restricciones destinadas al acceso a través de vectores no especificados. • http://rhn.redhat.com/errata/RHSA-2016-2057.html http://www.securityfocus.com/bid/93497 http://www.securitytracker.com/id/1036985 https://helpx.adobe.com/security/products/flash-player/apsb16-32.html https://security.gentoo.org/glsa/201610-10 https://access.redhat.com/security/cve/CVE-2016-4286 https://bugzilla.redhat.com/show_bug.cgi?id=1383931 • CWE-284: Improper Access Control •
CVSS: 9.3EPSS: 2%CPEs: 15EXPL: 0CVE-2016-6982 – flash-plugin: multiple code execution issues fixed in APSB16-32
https://notcve.org/view.php?id=CVE-2016-6982
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990. Adobe Flash Player en versiones anteriores a 18.0.0.382 y 19.x hasta la versión 23.x en versiones anteriores a 23.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.637 en Linux permite a atacantes ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4273, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989 y CVE-2016-6990. • http://rhn.redhat.com/errata/RHSA-2016-2057.html http://www.securityfocus.com/bid/93490 http://www.securitytracker.com/id/1036985 https://helpx.adobe.com/security/products/flash-player/apsb16-32.html https://security.gentoo.org/glsa/201610-10 https://access.redhat.com/security/cve/CVE-2016-6982 https://bugzilla.redhat.com/show_bug.cgi?id=1383931 • CWE-787: Out-of-bounds Write •