CVSS: 9.3EPSS: 45%CPEs: 1EXPL: 1CVE-2012-5054 – Adobe Flash Player Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2012-5054
24 Sep 2012 — Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments. Desbordamiento de entero en el método copyRawDataTo en la clase Matrix3D en Adobe Flash Player antes de 11.4.402.265, permite a atacantes remotos ejecutar código de su elección a través de argumentos mal formados. Adobe Flash Player contains an integer overflow vulnerability that allows remote attackers to execute code via mal... • http://packetstormsecurity.org/files/116435/Adobe-Flash-Player-Matrix3D-Integer-Overflow-Code-Execution.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.1EPSS: 0%CPEs: 287EXPL: 0CVE-2012-4171
https://notcve.org/view.php?id=CVE-2012-4171
31 Aug 2012 — Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow attackers to cause a denial of service (application crash) by leveraging a logic error during handling of Firefox dialogs. Adobe Flash Player anterior a v10.3.183.23 y v11.x anterior a v11.4.402.265 en Windows... • http://www.adobe.com/support/security/bulletins/apsb12-19.html •
CVSS: 9.3EPSS: 96%CPEs: 262EXPL: 1CVE-2012-1535 – Adobe Flash Player Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-1535
15 Aug 2012 — Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted SWF content, as exploited in the wild in August 2012 with SWF content in a Word document. Vulnerabilidad no especificada en Adobe Flash Player anterior a v11.3.300.271 en Windows y Mac OS X y anterior a v11.2.202.238 en Linux permite a atacantes remotos ejecutar código arbitr... • https://www.exploit-db.com/exploits/20624 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 25EXPL: 0CVE-2012-2036 – flash-plugin: multiple code execution flaws (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2036
09 Jun 2012 — Integer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de entero en Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior a v10.3.183.20 y v11.x a... • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 0%CPEs: 17EXPL: 0CVE-2012-2040
https://notcve.org/view.php?id=CVE-2012-2040
09 Jun 2012 — Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows local users to gain privileges via a Trojan horse executable file in an unspecified directory. Vulnerabilidad de path de búsqueda no seguro en el instalador de Adobe Flash Player anteri... • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html • CWE-426: Untrusted Search Path •
CVSS: 9.8EPSS: 0%CPEs: 25EXPL: 0CVE-2012-2037 – flash-plugin: multiple code execution flaws (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2037
09 Jun 2012 — Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2034. Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Window... • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 25EXPL: 0CVE-2012-2038 – flash-plugin: information disclosure flaw (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2038
09 Jun 2012 — Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior a v10.3.183.20 y v11.x ant... • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 25EXPL: 0CVE-2012-2039 – flash-plugin: multiple code execution flaws (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2039
09 Jun 2012 — Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via unspecified vectors. Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior a v10.3.183.20 y... • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 25EXPL: 0CVE-2012-2035 – flash-plugin: multiple code execution flaws (APSB12-14)
https://notcve.org/view.php?id=CVE-2012-2035
09 Jun 2012 — Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer basado en pila en Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Windows y Mac OS X; anterior... • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 4%CPEs: 25EXPL: 0CVE-2012-2034 – Adobe Flash Player Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2012-2034
09 Jun 2012 — Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2037. Adobe Flash Player anterior a v10.3.183.20 y v11.x anterior a v11.3.300.257 en Window... • http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00006.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •