Page 5 of 22 results (0.008 seconds)

CVSS: 9.3EPSS: 39%CPEs: 38EXPL: 1

Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a "buffer overflow issue." Adobe Flash Player v9.x anteriores a v9.0.159.0 y 10.x before 10.0.22.87 no elimina apropiadamente referencias a objetos destruidos durante el procesado de un archivo Shockwave Flash, lo que permite a los atacantes remotos ejecutar arbitrariamente código a través de un fichero manipulado, en relación a un "asunto de desbordamiento de búfer". • https://www.exploit-db.com/exploits/32811 http://isc.sans.org/diary.html?storyid=5929 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=773 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://rhn.redhat.com/errata/RHSA-2009-0332.html http://rhn.redhat.com/errata/RHSA-2009-0334.html http://secunia.com/advisories/34012 http://secunia.com/advisories/34226 http://secunia.com/advisories/34293 http://secunia.com/advisories/35074 http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 96%CPEs: 7EXPL: 1

Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, and 9.0.151.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file. Vulnerabilidad sin especificar en Adobe Flash Player para Linux v10.0.12.36, y v9.0.151.0 y versiones anteriores, permite a atacantes remotos ejecutar código de su elección a través de un fichero SWF manipulado. • https://www.exploit-db.com/exploits/18761 http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00006.html http://osvdb.org/50796 http://secunia.com/advisories/33221 http://secunia.com/advisories/33267 http://secunia.com/advisories/33294 http://secunia.com/advisories/34226 http://security.gentoo.org/glsa/glsa-200903-23.xml http://www.adobe.com/support/security/bulletins/apsb08-24.html http://www.redhat.com/support/errata/RHSA-2008-1047.html http://www.securityf • CWE-94: Improper Control of Generation of Code ('Code Injection') •