Page 57 of 414 results (0.033 seconds)

CVSS: 10.0EPSS: 5%CPEs: 24EXPL: 0

CVE-2015-3084 – flash-plugin: multiple code execution issues fixed in APSB15-09

https://notcve.org/view.php?id=CVE-2015-3084

Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-3077 and CVE-2015-3086. Adobe Flash Player anterior a 13.0.0.289 y 14.x hasta 17.x anterior a 17.0.0.188 en Windows y OS X y anterior a 11.2.202.460 en Linux, Adobe AIR anterior a 17.0.0.172, Adobe AIR SDK anterior a 17.0.0.172, y Adobe AIR SDK & Compiler anterior a 17.0.0.172 permiten a atacantes ejecutar código arbitrario mediante el aprovechamiento de una 'confusión de tipos' no especificada, una vulnerabilidad diferente a CVE-2015-3077 y CVE-2015-3086. • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html http://rhn.redhat.com/errata/RHSA-2015-1005.html http://www.securityfocus.com/bid/74614 http://www.securitytracker.com/id/1032285 https://helpx.adobe.com/security/products/flash-player/apsb15-09.html https://security.gentoo.org/glsa/201505-02 https://access.redhat. •

CVSS: 10.0EPSS: 5%CPEs: 24EXPL: 0

CVE-2015-3086 – flash-plugin: multiple code execution issues fixed in APSB15-09

https://notcve.org/view.php?id=CVE-2015-3086

Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-3077 and CVE-2015-3084. Adobe Flash Player anterior a 13.0.0.289 y 14.x hasta 17.x anterior a 17.0.0.188 en Windows y OS X y anterior a 11.2.202.460 en Linux, Adobe AIR anterior a 17.0.0.172, Adobe AIR SDK anterior a 17.0.0.172, y Adobe AIR SDK & Compiler anterior a 17.0.0.172 permiten a atacantes ejecutar código arbitrario mediante el aprovechamiento de una 'confusión de tipos' no especificada, una vulnerabilidad diferente a CVE-2015-3077 y CVE-2015-3084. • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html http://rhn.redhat.com/errata/RHSA-2015-1005.html http://www.securityfocus.com/bid/74614 http://www.securitytracker.com/id/1032285 https://helpx.adobe.com/security/products/flash-player/apsb15-09.html https://security.gentoo.org/glsa/201505-02 https://access.redhat. •

CVSS: 10.0EPSS: 90%CPEs: 24EXPL: 1

CVE-2015-3087 – Flash Player - Integer Overflow in Function.apply

https://notcve.org/view.php?id=CVE-2015-3087

Integer overflow in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de enteros en Adobe Flash Player anterior a 13.0.0.289 y 14.x hasta 17.x anterior a 17.0.0.188 en Windows y OS X y anterior a 11.2.202.460 en Linux, Adobe AIR anterior a 17.0.0.172, Adobe AIR SDK anterior a 17.0.0.172, y Adobe AIR SDK & Compiler anterior a 17.0.0.172 permite a atacantes ejecutar código arbitrario a través de vectores no especificados. An integer overflow while calling Function.apply can lead to enter an ActionScript function without correctly validating the supplied arguments. Chrome version 41.0.2272.101 stable with Flash version 17.0.0.134 is affected. • https://www.exploit-db.com/exploits/37843 http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html http://rhn.redhat.com/errata/RHSA-2015-1005.html http://www.securityfocus.com/bid/74616 http://www.securitytracker.com/id/1032285 https://helpx.adobe.com/security/products/flash-player/apsb15-09.html https://security.gentoo • CWE-189: Numeric Errors •

CVSS: 10.0EPSS: 85%CPEs: 24EXPL: 1

CVE-2015-3088 – Adobe Flash - AVSS.setSubscribedTags Use-After-Free Memory Corruption

https://notcve.org/view.php?id=CVE-2015-3088

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de buffer basado en memoria dinámica en Adobe Flash Player anterior a 13.0.0.289 y 14.x hasta 17.x anterior a 17.0.0.188 en Windows y OS X y anterior a 11.2.202.460 en Linux, Adobe AIR anterior a 17.0.0.172, Adobe AIR SDK anterior a 17.0.0.172, y Adobe AIR SDK & Compiler anterior a 17.0.0.172 permite a atacantes ejecutar código arbitrario a través de vectores no especificados. Use After Free in Flash AVSS.setSubscribedTags, setCuePointTags and setSubscribedTagsForBackgroundManifest can be abused to write pointers to String to freed locations. • https://www.exploit-db.com/exploits/37844 http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html http://rhn.redhat.com/errata/RHSA-2015-1005.html http://www.securityfocus.com/bid/74609 http://www.securitytracker.com/id/1032285 https://helpx.adobe.com/security/products/flash-player/apsb15-09.html https://security.gentoo • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 67%CPEs: 24EXPL: 1

CVE-2015-3089 – Flash - Uninitialized Stack Variable MPD Parsing Memory Corruption

https://notcve.org/view.php?id=CVE-2015-3089

Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3078, CVE-2015-3090, and CVE-2015-3093. Adobe Flash Player anterior a 13.0.0.289 y 14.x hasta 17.x anterior a 17.0.0.188 en Windows y OS X y anterior a 11.2.202.460 en Linux, Adobe AIR anterior a 17.0.0.172, Adobe AIR SDK anterior a 17.0.0.172, y Adobe AIR SDK & Compiler anterior a 17.0.0.172 permiten a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-3078, CVE-2015-3090, y CVE-2015-3093. Loading a weird MPD file can corrupt flash player's memory. • https://www.exploit-db.com/exploits/37845 http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html http://rhn.redhat.com/errata/RHSA-2015-1005.html http://www.securityfocus.com/bid/74605 http://www.securitytracker.com/id/1032285 https://helpx.adobe.com/security/products/flash-player/apsb15-09.html https://security.gentoo • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •