CVSS: 10.0EPSS: 12%CPEs: 161EXPL: 0CVE-2012-5272 – flash-plugin: multiple code-execution flaws (APSB12-22)
https://notcve.org/view.php?id=CVE-2012-5272
09 Oct 2012 — Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than other Flash Player memory corruption CVEs listed in APSB12-22. Adobe... • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00034.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2011-1001
https://notcve.org/view.php?id=CVE-2011-1001
08 Jul 2011 — dexdump in Android SDK before 2.3 does not properly perform structural verification, which allows user-assisted remote attackers to cause a denial of service (dexdump crash) and possibly execute arbitrary code via a malformed APK or dex file that calls a method using more arguments than the number of register that have been declared for that method. dexdump en Android SDK antes de v2.3 no realiza correctamente la verificación estructural, lo que permite a atacantes remotos asistidos por el usuario provocar ... • http://android.git.kernel.org/?p=platform/dalvik.git%3Ba=commit%3Bh=4b0750e8df91220690bb417f45d7ae8b7851b220 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 7%CPEs: 2EXPL: 2CVE-2008-0986 – Google Android Web Browser - '.BMP' File Integer Overflow
https://notcve.org/view.php?id=CVE-2008-0986
06 Mar 2008 — Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3-rc37a and earlier, and m5-rc14, allows remote attackers to execute arbitrary code via a crafted BMP file with a header containing a negative offset field. Desbordamiento de entero en el método BMP::readFromStream de la librería libsgl.so de Google Android SDK m3-rc37a y versiones anteriores, y m5-rc14, permite a atacantes remotos la ejecución de código de su elección a través de un fichero BMP manipulado con... • https://www.exploit-db.com/exploits/31308 • CWE-189: Numeric Errors •