CVE-2018-4934 – Adobe Flash - Info Leak in Image Inflation
https://notcve.org/view.php?id=CVE-2018-4934
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. Adobe Flash Player, en versiones 29.0.0.113 y anteriores, tiene una vulnerabilidad explotable de lectura fuera de límites. Su explotación con éxito podría resultar en una divulgación de información. Adobe Flash suffers from an image inflation information disclosure vulnerability. • https://www.exploit-db.com/exploits/44528 http://www.securityfocus.com/bid/103708 http://www.securitytracker.com/id/1040648 https://access.redhat.com/errata/RHSA-2018:1119 https://helpx.adobe.com/security/products/flash-player/apsb18-08.html https://security.gentoo.org/glsa/201804-11 https://access.redhat.com/security/cve/CVE-2018-4934 https://bugzilla.redhat.com/show_bug.cgi?id=1565799 • CWE-125: Out-of-bounds Read •
CVE-2018-4935 – Adobe Flash - Overflow in Slab Rendering
https://notcve.org/view.php?id=CVE-2018-4935
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. Adobe Flash Player, en versiones 29.0.0.113 y anteriores, tiene una vulnerabilidad explotable de escritura fuera de límites. Su explotación con éxito podría permitir la ejecución arbitraria de código en el contexto del usuario actual. Adobe Flash suffers from a slab rendering overflow. • https://www.exploit-db.com/exploits/44527 http://www.securityfocus.com/bid/103708 http://www.securitytracker.com/id/1040648 https://access.redhat.com/errata/RHSA-2018:1119 https://helpx.adobe.com/security/products/flash-player/apsb18-08.html https://security.gentoo.org/glsa/201804-11 https://access.redhat.com/security/cve/CVE-2018-4935 https://bugzilla.redhat.com/show_bug.cgi?id=1565800 • CWE-787: Out-of-bounds Write •
CVE-2018-4936 – Adobe Flash - Overflow when Playing Sound
https://notcve.org/view.php?id=CVE-2018-4936
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Heap Overflow vulnerability. Successful exploitation could lead to information disclosure. Adobe Flash Player, en versiones 29.0.0.113 y anteriores, tiene una vulnerabilidad explotable de desbordamiento de memoria dinámica (heap). Su explotación con éxito podría resultar en una divulgación de información. Adobe Flash suffers from a sound playing overflow. • https://www.exploit-db.com/exploits/44526 http://www.securityfocus.com/bid/103708 http://www.securitytracker.com/id/1040648 https://access.redhat.com/errata/RHSA-2018:1119 https://helpx.adobe.com/security/products/flash-player/apsb18-08.html https://security.gentoo.org/glsa/201804-11 https://access.redhat.com/security/cve/CVE-2018-4936 https://bugzilla.redhat.com/show_bug.cgi?id=1565799 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2018-4937 – Adobe Flash - Out-of-Bounds Write in blur Filtering
https://notcve.org/view.php?id=CVE-2018-4937
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. Adobe Flash Player, en versiones 29.0.0.113 y anteriores, tiene una vulnerabilidad explotable de escritura fuera de límites. Su explotación con éxito podría permitir la ejecución arbitraria de código en el contexto del usuario actual. Adobe Flash suffers from a blur filtering out of bounds write vulnerability. • https://www.exploit-db.com/exploits/44529 http://www.securityfocus.com/bid/103708 http://www.securitytracker.com/id/1040648 https://access.redhat.com/errata/RHSA-2018:1119 https://helpx.adobe.com/security/products/flash-player/apsb18-08.html https://security.gentoo.org/glsa/201804-11 https://access.redhat.com/security/cve/CVE-2018-4937 https://bugzilla.redhat.com/show_bug.cgi?id=1565800 • CWE-787: Out-of-bounds Write •
CVE-2018-4920 – flash-plugin: Type Confusion - remote code execution vulnerability (APSB18-05)
https://notcve.org/view.php?id=CVE-2018-4920
Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. Adobe Flash Player, en versiones 28.0.0.161 y anteriores, tiene una vulnerabilidad explotable de confusión de tipos. Su explotación con éxito podría permitir la ejecución arbitraria de código en el contexto del usuario actual. • http://www.securityfocus.com/bid/103383 http://www.securitytracker.com/id/1040509 https://access.redhat.com/errata/RHSA-2018:0520 https://helpx.adobe.com/security/products/flash-player/apsb18-05.html https://access.redhat.com/security/cve/CVE-2018-4920 https://bugzilla.redhat.com/show_bug.cgi?id=1555030 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •