CVSS: 10.0EPSS: 1%CPEs: 14EXPL: 0CVE-2012-5277 – flash-plugin: multiple code-execution flaws (APSB12-24)
https://notcve.org/view.php?id=CVE-2012-5277
Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, and CVE-2012-5280. Desbordamiento de búfer en Adobe Flash Player antes de v10.3.183.43 y v11.x antes de v11.5.502.110 en Windows y Mac OS X, antes de v10.3.183.43 y 11.x antes de v11.2.202.251 en Linux, antes de v11.1.111.24 en Android 2.x y 3.x, y antes de v11.1.115.27 en Android 4.x, Adobe AIR antes de v3.5.0.600, y Adobe AIR SDK antes de v3.5.0.600 permite a los atacantes ejecutar código de su elección a través de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2012-5274, CVE-2012-5275, CVE-2012-5276 y CVE-2012 5280. • http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00030.html http://rhn.redhat.com/errata/RHSA-2012-1431.html http://secunia.com/advisories/51186 http://secunia.com/advisories/51207 http://secunia.com/advisories/51213 http://secunia.com/advisories/51245 htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 14EXPL: 0CVE-2012-5275 – flash-plugin: multiple code-execution flaws (APSB12-24)
https://notcve.org/view.php?id=CVE-2012-5275
Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5276, CVE-2012-5277, and CVE-2012-5280. Desbordamiento de búfer en Adobe Flash Player antes de v10.3.183.43 y v11.x antes de v11.5.502.110 en Windows y Mac OS X, antes de v10.3.183.43 y v11.x antes de v11.2.202.251 en Linux, antes de v11.1.111.24 en Android v2.x y y3.x, y antes de v11.1.115.27 en Android 4.x, Adobe AIR antes de v3.5.0.600, y Adobe AIR SDK antes de v3.5.0.600 permite a los atacantes ejecutar código de su elección a través de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2012-5274, CVE-2012-5276, CVE-2012-5277 y CVE-2012 5280. • http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00030.html http://rhn.redhat.com/errata/RHSA-2012-1431.html http://secunia.com/advisories/51186 http://secunia.com/advisories/51207 http://secunia.com/advisories/51213 http://secunia.com/advisories/51245 htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 14EXPL: 0CVE-2012-5274 – flash-plugin: multiple code-execution flaws (APSB12-24)
https://notcve.org/view.php?id=CVE-2012-5274
Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, and CVE-2012-5280. Desbordamiento de búfer en Adobe Flash Player antes de v10.3.183.43 y v11.x antes de v11.5.502.110 en Windows y Mac OS X, antes de v10.3.183.43 y v11.x antes de v11.2.202.251 en Linux, antes de v11.1.111.24 en Android v2.x y v3.x, y antes de v11.1.115.27 en Android v4.x, Adobe AIR antes de v3.5.0.600, y Adobe AIR SDK antes de v 3.5.0.600 permite a los atacantes ejecutar código de su elección a través de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2012-5275, CVE-2012-5276, CVE-2012-5277 y CVE-2012 5280. • http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00030.html http://rhn.redhat.com/errata/RHSA-2012-1431.html http://secunia.com/advisories/51186 http://secunia.com/advisories/51207 http://secunia.com/advisories/51213 http://secunia.com/advisories/51245 htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 14EXPL: 0CVE-2012-5276 – flash-plugin: multiple code-execution flaws (APSB12-24)
https://notcve.org/view.php?id=CVE-2012-5276
Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5277, and CVE-2012-5280. Un desbordamiento de búfer en Adobe Flash Player antes de v10.3.183.43 y v11.x antes de v11.5.502.110 en Windows y Mac OS X, antes de v10.3.183.43 y v11.x antes de v11.2.202.251 en Linux, antes de v11.1.111.24 en Android v2.x y v3.x, y antes de v11.1.115.27 en Android v4.x, Adobe AIR antes de v3.5.0.600, y Adobe AIR SDK antes de v3.5.0.600 permite a los atacantes ejecutar código de su elección a través de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2012-5274, CVE-2012-5275, CVE-2012-5277 y CVE-2012 5280. • http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00030.html http://rhn.redhat.com/errata/RHSA-2012-1431.html http://secunia.com/advisories/51186 http://secunia.com/advisories/51207 http://secunia.com/advisories/51213 http://secunia.com/advisories/51245 htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 14EXPL: 0CVE-2012-4168 – flash-plugin: cross-domain information leak flaw (APSB12-19)
https://notcve.org/view.php?id=CVE-2012-4168
Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540 allow remote attackers to read content from a different domain via a crafted web site. Adobe Flash Player anterior a v11.4.402.265 en Windows y Mac OS X, anterior a v11.2.202.238 en Linux, anterior a v11.1.111.16 en Android v2.x y v3.x, y anterior a v11.1.115.17 en Android v4.x; Adobe AIR anterior a v3.4.0.2540; y Adobe AIR SDK anterior a v3.4.0.254 permite atacantes remotos leer contenido desde un dominio diferente a través de un sitio web manipulado. • http://marc.info/?l=bugtraq&m=139455789818399&w=2 http://rhn.redhat.com/errata/RHSA-2012-1203.html http://security.gentoo.org/glsa/glsa-201209-01.xml http://www.adobe.com/support/security/bulletins/apsb12-19.html https://access.redhat.com/security/cve/CVE-2012-4168 https://bugzilla.redhat.com/show_bug.cgi?id=850529 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •