CVSS: 9.3EPSS: 0%CPEs: 25EXPL: 0CVE-2012-2035 – flash-plugin: multiple code execution flaws (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2035
Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer basado en pila en Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior a v10.3.183.20 y v11.x anterior a v11.2.202.236 en Linux; anterior a v11.1.111.10 en Android v2.x y v3.x; y anterior a v11.1.115.9 en Android v4.x, y Adobe AIR anterior a v3.3.0.3610, permite a atacantes ejecutar comandos a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html http://rhn.redhat.com/errata/RHSA-2012-0722.html http://www.adobe.com/support/security/bulletins/apsb12-14.html https://access.redhat.com/security/cve/CVE-2012-2035 https://bugzilla.redhat.com/show_bug.cgi?id=830310 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 1%CPEs: 25EXPL: 0CVE-2012-2039 – flash-plugin: multiple code execution flaws (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2039
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors. Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior a v10.3.183.20 y v11.x anterior a v11.2.202.236 en Linux; anterior a v11.1.111.10 en Android v2.x y v3.x; y anterior a v11.1.115.9 en Android v4.x, y Adobe AIR anterior a v3.3.0.3610, permite a atacantes a ejecutar código o provocar una denegación de servicio (desreferencia de puntero NULL) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html http://rhn.redhat.com/errata/RHSA-2012-0722.html http://www.adobe.com/support/security/bulletins/apsb12-14.html https://access.redhat.com/security/cve/CVE-2012-2039 https://bugzilla.redhat.com/show_bug.cgi?id=830310 • CWE-476: NULL Pointer Dereference •
CVSS: 9.3EPSS: 1%CPEs: 25EXPL: 0CVE-2012-2037 – flash-plugin: multiple code execution flaws (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2037
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2034. Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior a v10.3.183.20 y v11.x anterior a v11.2.202.236 en Linux; anterior a v11.1.111.10 en Android v2.x y v3.x; y anterior a v11.1.115.9 en Android v4.x, y Adobe AIR anterior a v3.3.0.3610, permite a atacantes ejecutar comandos o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, es una vulnerabilidad distinta a CVE-2012-2034. • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html http://rhn.redhat.com/errata/RHSA-2012-0722.html http://www.adobe.com/support/security/bulletins/apsb12-14.html https://access.redhat.com/security/cve/CVE-2012-2037 https://bugzilla.redhat.com/show_bug.cgi?id=830310 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 25EXPL: 0CVE-2012-2034 – Adobe Flash Player Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2012-2034
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2037. Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior a v10.3.183.20 y v11.x anterior a v11.2.202.236 en Linux; anterior a v11.1.111.10 en Android v2.x y v3.x; y anterior a v11.1.115.9 en Android v4.x, y Adobe AIR anterior a v3.3.0.3610, permite a atacantes ejecutar comandos o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, es una vulnerabilidad distinta a CVE-2012-2034. Adobe Flash Player contains a memory corruption vulnerability that allows for remote code execution or denial-of-service (DoS). • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html http://rhn.redhat.com/errata/RHSA-2012-0722.html http://www.adobe.com/support/security/bulletins/apsb12-14.html https://access.redhat.com/security/cve/CVE-2012-2034 https://bugzilla.redhat.com/show_bug.cgi?id=830310 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 21EXPL: 3CVE-2012-1938 – Mozilla: Miscellaneous memory safety hazards (rv:13.0/ rv:10.0.5) (MFSA 2012-34)
https://notcve.org/view.php?id=CVE-2012-1938
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components. Múltiples vulnerabilidades no especificadas en el motor del navegador de Mozilla Firefox antes de v13.0, Thunderbird antes de v13.0, y SeaMonkey antes de v2.10 permiten a atacantes remotos causar una denegación de servicio (corrupción de la memoria y caída de la aplicación) o posiblemente ejecutar código de su elección a través de vectores relacionados con (1) methodjit/ImmutableSync.cpp, y con la función (2) JSObject::makeDenseArraySlow en js/src/jsarray.cpp y otros componentes desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00015.html http://rhn.redhat.com/errata/RHSA-2012-0710.html http://rhn.redhat.com/errata/RHSA-2012-0715.html http://www.mandriva.com/security/advisories?name=MDVSA-2012:088 http://www.mozilla.org/security/announce/2012/mfsa2012-34.html http://www.securityfocus.com/bid/53796 https://bugzilla.mozilla.org/show_bug.cgi?id=670317 https://bugzilla. •