CVSS: 9.3EPSS: 1%CPEs: 25EXPL: 0CVE-2012-2039 – flash-plugin: multiple code execution flaws (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2039
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors. Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior a v10.3.183.20 y v11.x anterior a v11.2.202.236 en Linux; anterior a v11.1.111.10 en Android v2.x y v3.x; y anterior a v11.1.115.9 en Android v4.x, y Adobe AIR anterior a v3.3.0.3610, permite a atacantes a ejecutar código o provocar una denegación de servicio (desreferencia de puntero NULL) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html http://rhn.redhat.com/errata/RHSA-2012-0722.html http://www.adobe.com/support/security/bulletins/apsb12-14.html https://access.redhat.com/security/cve/CVE-2012-2039 https://bugzilla.redhat.com/show_bug.cgi?id=830310 • CWE-476: NULL Pointer Dereference •
CVSS: 9.3EPSS: 1%CPEs: 25EXPL: 0CVE-2012-2036 – flash-plugin: multiple code execution flaws (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2036
Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de entero en Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior a v10.3.183.20 y v11.x anterior a v11.2.202.236 en Linux; anterior a v11.1.111.10 en Android v2.x y v3.x; y anterior a v11.1.115.9 en Android v4.x, y Adobe AIR anterior a v3.3.0.3610, permite a atacantes ejecutar comandos a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html http://rhn.redhat.com/errata/RHSA-2012-0722.html http://www.adobe.com/support/security/bulletins/apsb12-14.html https://access.redhat.com/security/cve/CVE-2012-2036 https://bugzilla.redhat.com/show_bug.cgi?id=830310 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.3EPSS: 0%CPEs: 25EXPL: 0CVE-2012-2038 – flash-plugin: information disclosure flaw (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2038
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior a v10.3.183.20 y v11.x anterior a v11.2.202.236 en Linux; anterior a v11.1.111.10 en Android v2.x y v3.x; y anterior a v11.1.115.9 en Android v4.x, y Adobe AIR anterior a v3.3.0.3610, permite a atacantes evitar las restricciones de acceso y obtener información sensible a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html http://rhn.redhat.com/errata/RHSA-2012-0722.html http://www.adobe.com/support/security/bulletins/apsb12-14.html https://access.redhat.com/security/cve/CVE-2012-2038 https://bugzilla.redhat.com/show_bug.cgi?id=830311 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 25EXPL: 0CVE-2012-2035 – flash-plugin: multiple code execution flaws (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2035
Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer basado en pila en Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior a v10.3.183.20 y v11.x anterior a v11.2.202.236 en Linux; anterior a v11.1.111.10 en Android v2.x y v3.x; y anterior a v11.1.115.9 en Android v4.x, y Adobe AIR anterior a v3.3.0.3610, permite a atacantes ejecutar comandos a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00007.html http://rhn.redhat.com/errata/RHSA-2012-0722.html http://www.adobe.com/support/security/bulletins/apsb12-14.html https://access.redhat.com/security/cve/CVE-2012-2035 https://bugzilla.redhat.com/show_bug.cgi?id=830310 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 11EXPL: 0CVE-2012-0724
https://notcve.org/view.php?id=CVE-2012-0724
Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0725. Adobe Flash Player anterior a v11.2.202.229 en Google Chrome anterior a v18.0.1025.151 permite a atacantes provocar una denegación de servicio (corrupción de memoria) o posiblemente tener un impacto no especificado a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2012 hasta 0725. • http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-updates.html http://secunia.com/advisories/48732 http://www.adobe.com/support/security/bulletins/apsb12-07.html http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/74638 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15533 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •