Page 9 of 294 results (0.012 seconds)

CVSS: 9.3EPSS: 2%CPEs: 13EXPL: 0

CVE-2017-2997 – flash-plugin: multiple code execution issues fixed in APSB17-07

https://notcve.org/view.php?id=CVE-2017-2997

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versión 24.0.0.221 y versiones anteriores tienen una vulnerabilidad de desbordamiento/vaciado de búfer explotable en el Primetime TVSDK que permite personalizar la información del anuncio. Una explotación exitosa puede resultar en ejecución de código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0526.html http://www.securityfocus.com/bid/96860 http://www.securitytracker.com/id/1037994 https://helpx.adobe.com/security/products/flash-player/apsb17-07.html https://security.gentoo.org/glsa/201703-02 https://access.redhat.com/security/cve/CVE-2017-2997 https://bugzilla.redhat.com/show_bug.cgi?id=1432200 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 2%CPEs: 13EXPL: 0

CVE-2017-2998 – flash-plugin: multiple code execution issues fixed in APSB17-07

https://notcve.org/view.php?id=CVE-2017-2998

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versión 24.0.0.221 y versiones anteriores tienen una vulnerabilidad de corrupción de memoria explotable en la funcionalidad Primetime TVSDK API relacionada con interacciones de la línea del tiempo. Una explotación exitosa podría resultar en ejecución de código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0526.html http://www.securityfocus.com/bid/96866 http://www.securitytracker.com/id/1037994 https://helpx.adobe.com/security/products/flash-player/apsb17-07.html https://security.gentoo.org/glsa/201703-02 https://access.redhat.com/security/cve/CVE-2017-2998 https://bugzilla.redhat.com/show_bug.cgi?id=1432200 • CWE-787: Out-of-bounds Write •

CVSS: 9.3EPSS: 2%CPEs: 13EXPL: 0

CVE-2017-2999 – flash-plugin: multiple code execution issues fixed in APSB17-07

https://notcve.org/view.php?id=CVE-2017-2999

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK functionality related to hosting playback surface. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versión 24.0.0.221 y versiones anteriores tienen una vulnerabilidad de corrupción de memoria explotable en la funcionalidad Primetime TVSDK relacionada con alojamiento de la superficie de reproducción. Una explotación exitosa podría resultar en ejecución de código arbitrario. • http://rhn.redhat.com/errata/RHSA-2017-0526.html http://www.securityfocus.com/bid/96866 http://www.securitytracker.com/id/1037994 https://helpx.adobe.com/security/products/flash-player/apsb17-07.html https://security.gentoo.org/glsa/201703-02 https://access.redhat.com/security/cve/CVE-2017-2999 https://bugzilla.redhat.com/show_bug.cgi?id=1432200 • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 13EXPL: 1

CVE-2017-3000 – flash-plugin: multiple code execution issues fixed in APSB17-07

https://notcve.org/view.php?id=CVE-2017-3000

Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability in the random number generator used for constant blinding. Successful exploitation could lead to information disclosure. Adobe Flash Player versión 24.0.0.221 y versiones anteriores tienen una vulnerabilidad en el generador de números aleatorios utilizado para el cegamiento constante. Una explotación exitosa podría resultar en divulgación de información. • https://github.com/dangokyo/CVE-2017-3000 http://rhn.redhat.com/errata/RHSA-2017-0526.html http://www.securityfocus.com/bid/96862 http://www.securitytracker.com/id/1037994 https://helpx.adobe.com/security/products/flash-player/apsb17-07.html https://security.gentoo.org/glsa/201703-02 https://access.redhat.com/security/cve/CVE-2017-3000 https://bugzilla.redhat.com/show_bug.cgi?id=1432200 •

CVSS: 9.3EPSS: 1%CPEs: 13EXPL: 0

CVE-2017-3001 – Adobe Flash MovieClip transform Use-After-Free Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2017-3001

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable use after free vulnerability related to garbage collection in the ActionScript 2 VM. Successful exploitation could lead to arbitrary code execution. Adobe Flash Player versión 24.0.0.221 y versiones anteriores tienen una vulnerabilidad de uso después de liberación de memoria explotable relacionada con la recolección de basura en la ActionScript 2 VM. Una explotación exitosa puede resultar en ejecución arbitraria de código.. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. • http://rhn.redhat.com/errata/RHSA-2017-0526.html http://www.securityfocus.com/bid/96861 http://www.securitytracker.com/id/1037994 https://helpx.adobe.com/security/products/flash-player/apsb17-07.html https://security.gentoo.org/glsa/201703-02 https://access.redhat.com/security/cve/CVE-2017-3001 https://bugzilla.redhat.com/show_bug.cgi?id=1432200 • CWE-416: Use After Free •