CVE-2019-7090 – Adobe Flash Player ActionScript Vector Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-7090
Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Las versiones de Flash Player Desktop Runtime 32.0.0.114 y anteriores, Flash Player para versiones de Google Chrome 32.0.0.114 y anteriores, y las versiones de Flash Player para Microsoft Edge e Internet Explorer 11 32.0.0.114 y anteriores tienen una vulnerabilidad de lectura fuera de límites. Su explotación exitosa podría llevar a la divulgación de información. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Flash Player. • https://helpx.adobe.com/security/products/flash-player/apsb19-06.html https://access.redhat.com/security/cve/CVE-2019-7090 https://bugzilla.redhat.com/show_bug.cgi?id=1676575 • CWE-125: Out-of-bounds Read •
CVE-2018-15983
https://notcve.org/view.php?id=CVE-2018-15983
Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. Flash Player, en versiones 31.0.0.153 y anteriores y en la 31.0.0.108 y anteriores, tiene una vulnerabilidad de carga de biblioteca no segura (dll hijacking). Su explotación con éxito podría conducir al escalado de privilegios. • http://www.securityfocus.com/bid/106108 https://helpx.adobe.com/security/products/flash-player/apsb18-42.html • CWE-426: Untrusted Search Path •
CVE-2018-15982 – Adobe Flash Player Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2018-15982
Flash Player versions 31.0.0.153 and earlier, and 31.0.0.108 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution. Flash Player, en versiones 31.0.0.153 y anteriores y en la 31.0.0.108 y anteriores, tiene una vulnerabilidad de uso de memoria previamente liberada. La explotación con éxito de esta vulnerabilidad podría permitir la ejecución arbitraria de código. Adobe Flash Player com.adobe.tvsdk.mediacore.metadata Use After Free Vulnerability • https://www.exploit-db.com/exploits/46051 https://github.com/scanfsec/CVE-2018-15982 https://github.com/FlatL1neAPT/CVE-2018-15982 https://github.com/SyFi/CVE-2018-15982 https://github.com/Ormicron/CVE-2018-15982_PoC https://github.com/Ridter/CVE-2018-15982_EXP https://github.com/kphongagsorn/adobe-flash-cve2018-15982 https://github.com/jas502n/CVE-2018-15982_EXP_IE http://www.securityfocus.com/bid/106116 https://access.redhat.com/errata/RHSA-2018:3795 https://h • CWE-416: Use After Free •
CVE-2018-15981 – flash-plugin: Arbitrary code execution vulnerability (APSB18-44)
https://notcve.org/view.php?id=CVE-2018-15981
Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. Flash Player, en versiones 31.0.0.148 y anteriores, tiene una vulnerabilidad de confusión de tipos. La explotación con éxito de esta vulnerabilidad podría permitir la ejecución arbitraria de código. • http://www.securityfocus.com/bid/105964 http://www.securitytracker.com/id/1042151 https://access.redhat.com/errata/RHSA-2018:3644 https://helpx.adobe.com/security/products/flash-player/apsb18-44.html https://access.redhat.com/security/cve/CVE-2018-15981 https://bugzilla.redhat.com/show_bug.cgi?id=1651640 • CWE-704: Incorrect Type Conversion or Cast •
CVE-2018-15978 – flash-plugin: Information Disclosure vulnerability (APSB18-39)
https://notcve.org/view.php?id=CVE-2018-15978
Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Flash Player, en versiones 31.0.0.122 y anteriores, tiene una vulnerabilidad de lectura fuera de límites. Su explotación con éxito podría resultar en una divulgación de información. • http://www.securityfocus.com/bid/105909 http://www.securitytracker.com/id/1042098 https://access.redhat.com/errata/RHSA-2018:3618 https://helpx.adobe.com/security/products/flash-player/apsb18-39.html https://access.redhat.com/security/cve/CVE-2018-15978 https://bugzilla.redhat.com/show_bug.cgi?id=1649537 • CWE-125: Out-of-bounds Read •