CVSS: 10.0EPSS: 3%CPEs: 13EXPL: 0CVE-2017-3075 – Adobe Flash XML load Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-3075
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability when manipulating the ActionsScript 2 XML class. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Flash Player 25.0.0.171 y anteriores podrían permitir la explotación de una vulnerabilidad de liberación de memoria al manipular la clase XML de ActionScript 2. Una explotación exitosa podría conducir a la ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://www.securityfocus.com/bid/99023 http://www.securitytracker.com/id/1038655 https://access.redhat.com/errata/RHSA-2017:1439 https://helpx.adobe.com/security/products/flash-player/apsb17-17.html https://security.gentoo.org/glsa/201707-15 https://access.redhat.com/security/cve/CVE-2017-3075 https://bugzilla.redhat.com/show_bug.cgi?id=1461146 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 3%CPEs: 13EXPL: 0CVE-2017-3082 – Adobe Flash LocaleID determinePreferredLocales Uninitialized Memory Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-3082
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable memory corruption vulnerability in the LocaleID class. Successful exploitation could lead to arbitrary code execution. Las versiones de Adobe Flash Player 25.0.0.171 y anteriores podrían permitir la explotación de una vulnerabilidad de corrupción de memoria en la clase LocaleID. Una explotación exitosa podría conducir a la ejecución de código arbitrario. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://www.securityfocus.com/bid/99025 http://www.securitytracker.com/id/1038655 https://access.redhat.com/errata/RHSA-2017:1439 https://helpx.adobe.com/security/products/flash-player/apsb17-17.html https://security.gentoo.org/glsa/201707-15 https://access.redhat.com/security/cve/CVE-2017-3082 https://bugzilla.redhat.com/show_bug.cgi?id=1461146 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-5085 – chromium-browser: inappropriate javascript execution on webui pages
https://notcve.org/view.php?id=CVE-2017-5085
Inappropriate implementation in Bookmarks in Google Chrome prior to 59 for iOS allowed a remote attacker who convinced the user to perform certain operations to run JavaScript on chrome:// pages via a crafted bookmark. Una implementación incorrecta en Bookmarks en Google Chrome, en versiones anteriores a la 59 para iOS, permitía que un atacante remoto que hubiese convencido a un usuario para realizar ciertas operaciones ejecutase código JavaScript en páginas chrome:// mediante un marcador manipulado. • http://www.securityfocus.com/bid/98861 http://www.securitytracker.com/id/1038622 https://access.redhat.com/errata/RHSA-2017:1399 https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop.html https://crbug.com/692378 https://security.gentoo.org/glsa/201706-20 https://access.redhat.com/security/cve/CVE-2017-5085 https://bugzilla.redhat.com/show_bug.cgi?id=1459037 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 2%CPEs: 17EXPL: 0CVE-2017-3069 – flash-plugin: multiple code execution issues fixed in APSB17-15
https://notcve.org/view.php?id=CVE-2017-3069
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class. Successful exploitation could lead to arbitrary code execution. Flash Player versiones 25.0.0.148 y anteriores de Adobe, presenta una vulnerabilidad de corrupción de memoria explotable en la clase BlendMode. Una explotación con éxito podría conllevar a la ejecución de código arbitraria. • http://www.securityfocus.com/bid/98349 http://www.securitytracker.com/id/1038427 https://access.redhat.com/errata/RHSA-2017:1219 https://helpx.adobe.com/security/products/flash-player/apsb17-15.html https://security.gentoo.org/glsa/201705-12 https://access.redhat.com/security/cve/CVE-2017-3069 https://bugzilla.redhat.com/show_bug.cgi?id=1449340 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 2%CPEs: 17EXPL: 0CVE-2017-3074 – flash-plugin: multiple code execution issues fixed in APSB17-15
https://notcve.org/view.php?id=CVE-2017-3074
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Graphics class. Successful exploitation could lead to arbitrary code execution. Flash Player versiones 25.0.0.148 y anteriores de Adobe, presenta una vulnerabilidad de corrupción de memoria explotable en la clase Graphics. Una explotación con éxito podría conllevar a la ejecución de código arbitraria. • http://www.securityfocus.com/bid/98349 http://www.securitytracker.com/id/1038427 https://access.redhat.com/errata/RHSA-2017:1219 https://helpx.adobe.com/security/products/flash-player/apsb17-15.html https://security.gentoo.org/glsa/201705-12 https://access.redhat.com/security/cve/CVE-2017-3074 https://bugzilla.redhat.com/show_bug.cgi?id=1449340 • CWE-787: Out-of-bounds Write •