Page 51 of 378 results (0.010 seconds)

CVSS: 10.0EPSS: 83%CPEs: 8EXPL: 1

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-5554, CVE-2015-5555, and CVE-2015-5558. Vulnerabilidad en Adobe Flash Player en versiones anteriores a 18.0.0.232 en Windows y OS X y versiones anteriores a 11.2.202.508 en Linux, en Adobe AIR en versiones anteriores a 18.0.0.199, Adobe AIR SDK en versiones anteriores a 18.0.0.199 y Adobe AIR SDK & Compiler en versiones anteriores a 18.0.0.199, permite a atacantes ejecutar código arbitrario mediante el aprovechamiento de un ataque 'type confusion' no especificado, una vulnerabilidad diferente a CVE-2015-5554, CVE-2015-5555 y CVE-2015-5558. The Shared Object constructor does not check that the object it is provided is of type Object before setting it to be of type SharedObject. This can cause problems if another method (such as Sound.loadSound) calls into script between checking the input object type, and casting its native object. • https://www.exploit-db.com/exploits/37881 http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1603.html http://www.securityfocus.com/bid/76287 http://www.securitytracker.com/id/1033235 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb& •

CVSS: 10.0EPSS: 3%CPEs: 8EXPL: 0

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, and CVE-2015-5565. Vulnerabilidad de uso después de liberación en la memoria en Adobe Flash Player en versiones anteriores a 18.0.0.232 en Windows y OS X y versiones anteriores a 11.2.202.508 en Linux, en Adobe AIR en versiones anteriores a 18.0.0.199 y Adobe AIR SDK en versiones anteriores a 18.0.0.199 y Adobe AIR SDK & Compiler en versiones anteriores a 18.0.0.199, permite a atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563 y CVE-2015-5565. • http://rhn.redhat.com/errata/RHSA-2015-1603.html http://www.securityfocus.com/bid/76288 http://www.securitytracker.com/id/1033235 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 https://helpx.adobe.com/security/products/flash-player/apsb15-19.html https://secur •

CVSS: 10.0EPSS: 11%CPEs: 8EXPL: 0

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, and CVE-2015-5564. Vulnerabilidad de uso después de liberación en la memoria en Adobe Flash Player en versiones anteriores a 18.0.0.232 en Windows y OS X y versiones anteriores a 11.2.202.508 en Linux, Adobe AIR en versiones anteriores a 18.0.0.199, Adobe AIR SDK en versiones anteriores a 18.0.0.199 y Adobe AIR SDK & Compiler en versiones anteriores a 18.0.0.199, permite a atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5127, CVE-2015-5130, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563 y CVE-2015-5564. • http://rhn.redhat.com/errata/RHSA-2015-1603.html http://www.securityfocus.com/bid/76288 http://www.securitytracker.com/id/1033235 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 https://helpx.adobe.com/security/products/flash-player/apsb15-19.html https://acces •

CVSS: 10.0EPSS: 16%CPEs: 9EXPL: 0

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown vectors. Vulnerabilidad en Adobe Flash Player en versiones anteriores a 18.0.0.233 en Windows y OS X y versiones anteriores a 11.2.202.508 en Linux, en Adobe AIR en versiones anteriores a 18.0.0.199, Adobe AIR SDK en versiones anteriores a 18.0.0.199 y Adobe AIR SDK & Compiler en versiones anteriores a 18.0.0.199, permite a atacantes provocar una denegación de servicio (corrupción de longitud de vectores) o posiblemente tener otro impacto no especificado a través de vectores desconocidos. Flash version 18.0.0.209 contains new mitigations to defend against corruptions of Vector.<uint> (and other) lengths. One of these mitigations, at Vector access time, compares the Vector's in-memory length with a representation of the same length XOR'ed with a secret cookie. • http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://www.securityfocus.com/bid/76291 http://www.securitytracker.com/id/1033235 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 https://helpx.adobe.com/security/products/flash-player/apsb15-19.html https://security.gentoo.org/glsa/201508-01 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 85%CPEs: 9EXPL: 1

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5130, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. Vulnerabilidad de uso después de liberación en la memoria en Adobe Flash Player en versiones anteriores a 18.0.0.232 en Windows y OS X y versiones anteriores a 11.2.202.508 en Linux, en Adobe AIR en versiones anteriores a 18.0.0.199, Adobe AIR SDK en versiones anteriores a 18.0.0.199 y Adobe AIR SDK & Compiler en versiones anteriores a 18.0.0.199, permite a atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-5127, CVE-2015-5130, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564 y CVE-2015-5565. In certain cases where a native AS2 class sets an internal variable, it can lead to a use-after-free if the variable is a SharedObject. While this example shows setting NetConnection.contentType, this applies to several other variables including many properties of the Sound and NetStream classes. • https://www.exploit-db.com/exploits/37852 http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html http://rhn.redhat.com/errata/RHSA-2015-1603.html http://www.securityfocus.com/bid/76288 http://www.securitytracker.com/id/1033235 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb& •