CVE-2018-18311 – perl: Integer overflow leading to buffer overflow in Perl_my_setenv()
https://notcve.org/view.php?id=CVE-2018-18311
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. Perl, en versiones anteriores a la 5.26.3 y versiones 5.28.0.x anteriores a la 5.28.1, tiene un desbordamiento de búfer mediante una expresión regular manipulada que desencadena operaciones inválidas de escritura. • http://seclists.org/fulldisclosure/2019/Mar/49 http://www.securityfocus.com/bid/106145 http://www.securitytracker.com/id/1042181 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2019:0001 https://access.redhat.com/errata/RHSA-2019:0010 https://access.redhat.com/errata/RHSA-2019:0109 https://access.redhat.com/errata/RHSA-2019:1790 https://access.redhat.com/errata/RHSA-2019:1942 https://access.redhat.com/errata/RHSA-2019:2400 https: • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVE-2018-15981 – flash-plugin: Arbitrary code execution vulnerability (APSB18-44)
https://notcve.org/view.php?id=CVE-2018-15981
Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. Flash Player, en versiones 31.0.0.148 y anteriores, tiene una vulnerabilidad de confusión de tipos. La explotación con éxito de esta vulnerabilidad podría permitir la ejecución arbitraria de código. • http://www.securityfocus.com/bid/105964 http://www.securitytracker.com/id/1042151 https://access.redhat.com/errata/RHSA-2018:3644 https://helpx.adobe.com/security/products/flash-player/apsb18-44.html https://access.redhat.com/security/cve/CVE-2018-15981 https://bugzilla.redhat.com/show_bug.cgi?id=1651640 • CWE-704: Incorrect Type Conversion or Cast •
CVE-2018-15978 – flash-plugin: Information Disclosure vulnerability (APSB18-39)
https://notcve.org/view.php?id=CVE-2018-15978
Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Flash Player, en versiones 31.0.0.122 y anteriores, tiene una vulnerabilidad de lectura fuera de límites. Su explotación con éxito podría resultar en una divulgación de información. • http://www.securityfocus.com/bid/105909 http://www.securitytracker.com/id/1042098 https://access.redhat.com/errata/RHSA-2018:3618 https://helpx.adobe.com/security/products/flash-player/apsb18-39.html https://access.redhat.com/security/cve/CVE-2018-15978 https://bugzilla.redhat.com/show_bug.cgi?id=1649537 • CWE-125: Out-of-bounds Read •
CVE-2018-15967 – flash-plugin: Information Disclosure vulnerability (APSB18-31)
https://notcve.org/view.php?id=CVE-2018-15967
Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure. Adobe Flash Player, en versiones 30.0.0.154 y anteriores, tiene una vulnerabilidad de escalado de privilegios. Su explotación con éxito podría resultar en una divulgación de información. • http://www.securityfocus.com/bid/105315 http://www.securitytracker.com/id/1041620 https://access.redhat.com/errata/RHSA-2018:2707 https://helpx.adobe.com/security/products/flash-player/apsb18-31.html https://access.redhat.com/security/cve/CVE-2018-15967 https://bugzilla.redhat.com/show_bug.cgi?id=1627892 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2018-12826 – flash-plugin: Information Disclosure vulnerabilities (APSB18-25)
https://notcve.org/view.php?id=CVE-2018-12826
Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Adobe Flash Player, en versiones 30.0.0.134 y anteriores, tiene una vulnerabilidad de lectura fuera de límites. Su explotación con éxito podría resultar en una divulgación de información. • http://www.securityfocus.com/bid/105066 http://www.securitytracker.com/id/1041448 https://access.redhat.com/errata/RHSA-2018:2435 https://helpx.adobe.com/security/products/flash-player/apsb18-25.html https://access.redhat.com/security/cve/CVE-2018-12826 https://bugzilla.redhat.com/show_bug.cgi?id=1616026 • CWE-125: Out-of-bounds Read •