CVSS: 10.0EPSS: 50%CPEs: 31EXPL: 0CVE-2015-0349 – Adobe Flash Player AS3 ConvolutionFilter Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-0349
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0351, CVE-2015-0358, and CVE-2015-3039. Vulnerabilidad de uso después de liberación en Adobe Flash Player anterior a 13.0.0.281 y 14.x hasta 17.x anterior a 17.0.0.169 en Windows y OS X y anterior a 11.2.202.457 en Linux permite a atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-0351, CVE-2015-0358, y CVE-2015-3039. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of AS3 ConvolutionFilter objects. By manipulating the matrix property of a ConvolutionFilter object, an attacker can force a dangling pointer to be reused after it has been freed. • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html http://rhn.redhat.com/errata/RHSA-2015-0813.html http://www.securityfocus.com/bid/74064 http://www.securitytracker.com/id/1032105 https://helpx.adobe.com/security/products/flash-player/apsb15-06.htm •
CVSS: 10.0EPSS: 50%CPEs: 31EXPL: 0CVE-2015-3039 – Adobe Flash Player AS2 ConvolutionFilter Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-3039
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0351, and CVE-2015-0358. Vulnerabilidad de uso después de liberación en Adobe Flash Player anterior a 13.0.0.281 y 14.x hasta 17.x anterior a 17.0.0.169 en Windows y OS X y anterior a 11.2.202.457 en Linux permite a atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-0349, CVE-2015-0351 y CVE-2015-0358. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of AS2 ConvolutionFilter objects. By manipulating the matrix property of a ConvolutionFilter object, an attacker can force a dangling pointer to be reused after it has been freed. • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html http://rhn.redhat.com/errata/RHSA-2015-0813.html http://www.securityfocus.com/bid/74064 http://www.securitytracker.com/id/1032105 https://helpx.adobe.com/security/products/flash-player/apsb15-06.htm •
CVSS: 5.0EPSS: 0%CPEs: 31EXPL: 0CVE-2015-3040 – flash-plugin: information leaks leading to ASLR bypass (APSB15-06)
https://notcve.org/view.php?id=CVE-2015-3040
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-0357. Adobe Flash Player anterior a 13.0.0.281 y 14.x hasta 17.x anterior a 17.0.0.169 en Windows y OS X y anterior a 11.2.202.457 en Linux no restringe correctamente el descubrimiento de direcciones de la memoria, lo que permite a atacantes evadir el mecanismo de protección ASLR en Windows a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-0357. • http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html http://rhn.redhat.com/errata/RHSA-2015-0813.html http://www.securitytracker.com/id/1032105 https://helpx.adobe.com/security/products/flash-player/apsb15-06.html https://security.gentoo.org/glsa/2015 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0CVE-2015-2041
https://notcve.org/view.php?id=CVE-2015-2041
net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly have unspecified other impact by accessing a sysctl entry. net/llc/sysctl_net_llc.c en el kernel de Linux anterior a 3.19 utiliza un tipo de datos incorrecto en una tabla sysctl, lo que permite a usuarios locales obtener información sensible de la memoria del kernel o posiblemente tener otro impacto no especificado mediante el acceso a una entrada sysctl. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6b8d9117ccb4f81b1244aafa7bc70ef8fa45fc49 http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html http://www.debian.org/security/2015/dsa-3237 http://www.openwall.com/lists/oss-secu • CWE-17: DEPRECATED: Code •
CVSS: 5.0EPSS: 0%CPEs: 160EXPL: 0CVE-2015-2808 – SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher
https://notcve.org/view.php?id=CVE-2015-2808
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue. El algoritmo RC4, utilizado en el protocolo TLS y el protocolo SSL, no combina correctamente los datos de estados con los datos de claves durante la fase de inicialización, lo que facilita a atacantes remotos realizar ataques de recuperación de texto claro contra los bytes iniciales de un flujo mediante la captura de trafico de la red que ocasionalmente depende de claves afectadas por la debilidad de la invariabilidad (Invariance Weakness), y posteriormente utilizar un acercamiento de fuerza bruta que involucra valores LSB, también conocido como el problema de 'Bar Mitzvah'. • http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •