Page 45 of 378 results (0.010 seconds)

CVSS: 9.3EPSS: 2%CPEs: 12EXPL: 0

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a TextLine object with a crafted validity property, a different vulnerability than CVE-2015-7629, CVE-2015-7643, and CVE-2015-7644. Vulnerabilidad de uso después de liberación de memoria in Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anteriores a 11.2.202.535 en Linux, Adobe AIR en versiones anteriores a 19.0.0.213, Adobe AIR SDK en versiones anteriores a 19.0.0.213 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.213 permite a atacantes ejecutar código arbitrario a través de un objeto TextLine con una propiedad validity manipulada, una vulnerabilidad diferente a CVE-2015-7629, CVE-2015-7643 y CVE-2015-7644. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the TextLine object. By manipulating the validity property of a TextLine object, an attacker can force a dangling pointer to be reused after it has been freed. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1893.html http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securityfocus.com/bid/77061 http://www.securitytracker.com/id/1033797 http://www& •

CVSS: 9.3EPSS: 2%CPEs: 12EXPL: 0

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a Video object with a crafted deblocking property, a different vulnerability than CVE-2015-7629, CVE-2015-7631, and CVE-2015-7644. Vulnerabilidad de uso después de liberación de memoria in Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anteriores a 11.2.202.535 en Linux, Adobe AIR en versiones anteriores a 19.0.0.213, Adobe AIR SDK en versiones anteriores a 19.0.0.213 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.213 permite a atacantes ejecutar código arbitrario a través de un objeto Video con una propiedad deblocking manipulada, una vulnerabilidad diferente a CVE-2015-7629, CVE-2015-7631 y CVE-2015-7644. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Video objects. By manipulating the deblocking property, an attacker can force a dangling pointer to be reused after it has been freed. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1893.html http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securityfocus.com/bid/77061 http://www.securitytracker.com/id/1033797 http://www& •

CVSS: 9.3EPSS: 6%CPEs: 12EXPL: 0

Buffer overflow in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a Loader object with a crafted loaderBytes property. Desbordamiento de buffer in Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anteriores a 11.2.202.535 en Linux, Adobe AIR en versiones anteriores a 19.0.0.213, Adobe AIR SDK en versiones anteriores a 19.0.0.213 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.213 permite a atacantes ejecutar código arbitrario a través de un objeto Loader con una propiedad loaderBytes manipulada. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Loader object. By manipulating the loaderBytes property of a Loader object, an attacker can trigger a buffer overflow condition. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1893.html http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securityfocus.com/bid/77062 http://www.securitytracker.com/id/1033797 http://www& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 2%CPEs: 12EXPL: 0

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK & Compiler before 19.0.0.213 allows attackers to execute arbitrary code via a TextFormat object with a crafted tabStops property, a different vulnerability than CVE-2015-7631, CVE-2015-7643, and CVE-2015-7644. Vulnerabilidad de uso después de liberación de memoria in Adobe Flash Player en versiones anteriores a 18.0.0.252 y 19.x en versiones anteriores a 19.0.0.207 en Windows y OS X y en versiones anteriores a 11.2.202.535 en Linux, Adobe AIR en versiones anteriores a 19.0.0.213, Adobe AIR SDK en versiones anteriores a 19.0.0.213 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.213 permite a atacantes ejecutar código arbitrario a través de un objeto TextFormat con una propiedad tabStops manipulada, una vulnerabilidad diferente a CVE-2015-7631, CVE-2015-7643 y CVE-2015-7644. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the TextFormat objects. By manipulating the tabStops property of a TextFormat object, an attacker can force a dangling pointer to be reused after it has been freed. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1893.html http://rhn.redhat.com/errata/RHSA-2015-2024.html http://www.securityfocus.com/bid/77061 http://www.securitytracker.com/id/1033797 http://www& •

CVSS: 5.0EPSS: 7%CPEs: 36EXPL: 0

Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors. Vulnerabilidad en Adobe Flash Player en versiones anteriores a 18.0.0.241 y 19.x en versiones anteriores a 19.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.521 en Linux, Adobe AIR en versiones anteriores a 19.0.0.190, Adobe AIR SDK en versiones anteriores a 19.0.0.190 y Adobe AIR SDK & Compiler en versiones anteriores a 19.0.0.190, no restringe adecuadamente el descubrimiento de direcciones de memoria, lo que permite a atacantes eludir el mecanismo de protección ASLR a través de vectores no especificados. Adobe Flash suffers from an information leak that may render non-deterministic content that apparently contains pointers. • http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1814.html http://www.securityfocus.com/bid/76802 http://www.securitytracker.com/id/1033629 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay& • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •