CVSS: 10.0EPSS: 2%CPEs: 12EXPL: 0CVE-2015-7627 – flash-plugin: multiple code execution issues fixed in APSB15-25
https://notcve.org/view.php?id=CVE-2015-7627
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7626, CVE-2015-7630, CVE-2015-7633, and CVE-2015-7634. Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anteriores a 11.2.202.535 en Linux, Adobe AIR en versiones anteriores a 19.0.0.213, Adobe AIR SDK en versiones anteriores a 19.0.0.213 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.213 permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-7625, CVE-2015-7626, CVE-2015-7630, CVE-2015-7633 y CVE-2015-7634. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1893.html http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securityfocus.com/bid/77065 http://www.securitytracker.com/id/1033797 https://hel • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 12EXPL: 0CVE-2015-7630 – flash-plugin: multiple code execution issues fixed in APSB15-25
https://notcve.org/view.php?id=CVE-2015-7630
Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7633, and CVE-2015-7634. Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anteriores a 11.2.202.535 en Linux, Adobe AIR en versiones anteriores a 19.0.0.213, Adobe AIR SDK en versiones anteriores a 19.0.0.213 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.213 permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7633 y CVE-2015-7634. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1893.html http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securityfocus.com/bid/77065 http://www.securitytracker.com/id/1033797 https://hel • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 2%CPEs: 12EXPL: 0CVE-2015-7629 – Adobe Flash TextFormat tabStops Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-7629
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a TextFormat object with a crafted tabStops property, a different vulnerability than CVE-2015-7631, CVE-2015-7643, and CVE-2015-7644. Vulnerabilidad de uso después de liberación de memoria in Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anteriores a 11.2.202.535 en Linux, Adobe AIR en versiones anteriores a 19.0.0.213, Adobe AIR SDK en versiones anteriores a 19.0.0.213 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.213 permite a atacantes ejecutar código arbitrario a través de un objeto TextFormat con una propiedad tabStops manipulada, una vulnerabilidad diferente a CVE-2015-7631, CVE-2015-7643 y CVE-2015-7644. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the TextFormat objects. By manipulating the tabStops property of a TextFormat object, an attacker can force a dangling pointer to be reused after it has been freed. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1893.html http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securityfocus.com/bid/77061 http://www.securitytracker.com/id/1033797 http://www& •
CVSS: 9.3EPSS: 2%CPEs: 12EXPL: 0CVE-2015-7631 – Adobe Flash TextLine validity Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-7631
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a TextLine object with a crafted validity property, a different vulnerability than CVE-2015-7629, CVE-2015-7643, and CVE-2015-7644. Vulnerabilidad de uso después de liberación de memoria in Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anteriores a 11.2.202.535 en Linux, Adobe AIR en versiones anteriores a 19.0.0.213, Adobe AIR SDK en versiones anteriores a 19.0.0.213 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.213 permite a atacantes ejecutar código arbitrario a través de un objeto TextLine con una propiedad validity manipulada, una vulnerabilidad diferente a CVE-2015-7629, CVE-2015-7643 y CVE-2015-7644. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the TextLine object. By manipulating the validity property of a TextLine object, an attacker can force a dangling pointer to be reused after it has been freed. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1893.html http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securityfocus.com/bid/77061 http://www.securitytracker.com/id/1033797 http://www& •
CVSS: 9.3EPSS: 6%CPEs: 12EXPL: 0CVE-2015-7632 – Adobe Flash Loader loadBytes Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-7632
Buffer overflow in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a Loader object with a crafted loaderBytes property. Desbordamiento de buffer in Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anteriores a 11.2.202.535 en Linux, Adobe AIR en versiones anteriores a 19.0.0.213, Adobe AIR SDK en versiones anteriores a 19.0.0.213 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.213 permite a atacantes ejecutar código arbitrario a través de un objeto Loader con una propiedad loaderBytes manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Loader object. By manipulating the loaderBytes property of a Loader object, an attacker can trigger a buffer overflow condition. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1893.html http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securityfocus.com/bid/77062 http://www.securitytracker.com/id/1033797 http://www& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •