CVSS: 9.3EPSS: 0%CPEs: 40EXPL: 1CVE-2009-1868 – Adobe Flash Player 10.0.22 / AIR - URI Parsing Heap Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2009-1868
Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving URL parsing. Desbordamiento de búfer basado en memoria dinámica en Adobe Flash Player versiones anteriores a v9.0.246.0 y v10.x anteriores a v10.0.32.18, y Adobe AIR versiones anteriores a v1.5.2, permite a atacantes remotos provocar una denegación de servicio (finalización de la aplicación) o posiblemente ejecutar código de su elección mediante vectores no especificados relacionados con el análisis sintáctico de una URL. • https://www.exploit-db.com/exploits/33133 http://lists.apple.com/archives/security-announce/2009/Sep/msg00003.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html http://osvdb.org/56776 http://secunia.com/advisories/36193 http://secunia.com/advisories/36374 http://secunia.com/advisories/36701 http://security.gentoo.org/glsa/glsa-200908-04.xml http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1 http://support.apple.com/kb/HT3864 http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 40EXPL: 0CVE-2009-1863 – flash-plugin: multiple code execution flaws (APSB09-10)
https://notcve.org/view.php?id=CVE-2009-1863
Unspecified vulnerability in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to a "privilege escalation vulnerability." Vulnerabilidad no especificada en Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, permite a atacantes remotos provocar una denegación de servicio (finalización de la aplicación) o posiblemente ejecutar código de su elección mediante vectores no especificados, relacionados con una vulnerabilidad de escalada de privilegios. • http://lists.apple.com/archives/security-announce/2009/Sep/msg00003.html http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html http://secunia.com/advisories/36193 http://secunia.com/advisories/36374 http://secunia.com/advisories/36701 http://security.gentoo.org/glsa/glsa-200908-04.xml http://sunsolve.sun.com/search/document.do?assetkey=1-66-266108-1 http://support.apple.com/kb/HT3864 http://support.apple.com/kb/HT3865 http://www.adobe.com/support/secu • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2008-5361
https://notcve.org/view.php?id=CVE-2008-5361
The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, does not verify a member element's size when performing (1) DefineConstantPool, (2) ActionJump, (3) ActionPush, (4) ActionTry, and unspecified other actions, which allows remote attackers to read sensitive data from process memory via a crafted PDF file. La máquina virtual ActionScript v2 en Adobe Flash Player v10.x anteriores a v10.0.12.36 y en v9.x anteriores a v9.0.151.0, y en Adobe AIR anteriores a v1.5, no verifica el tamaño de un elemento miembro cuando realiza las acciones (1) DefineConstantPool, (2) ActionJump, (3) ActionPush, (4) ActionTry, y otras acciones no especificadas, permitiendo a atacantes remotos leer información sensible del proceso en memoria mediante un fichero PDF modificado. • http://secunia.com/advisories/33390 http://secunia.com/advisories/34226 http://security.gentoo.org/glsa/glsa-200903-23.xml http://securityreason.com/securityalert/4692 http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1 http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm http://www.adobe.com/support/security/bulletins/apsb08-22.html http://www.isecpartners.com/advisories/2008-01-flash.txt http://www.securityfocus.com/archive/1/498561/100/0/threaded https: • CWE-399: Resource Management Errors •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2008-5362
https://notcve.org/view.php?id=CVE-2008-5362
The DefineConstantPool action in the ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, accepts an untrusted input value for a "constant count," which allows remote attackers to read sensitive data from process memory via a crafted PDF file. La acción "DefineConstantPool" en la máquina virtual ActionScript v2 en Adobe Flash Player v10.x anteriores a v10.0.12.36 y v9.x anteriores a v9.0.151.0, y en Adobe AIR anteriores a v1.5, acepta un valor de entrada no confiable en un "contador constante", permitiendo a atacantes remotos leer información sensible del proceso en memoria mediante un fichero PDF modificado. • http://secunia.com/advisories/33390 http://secunia.com/advisories/34226 http://security.gentoo.org/glsa/glsa-200903-23.xml http://securityreason.com/securityalert/4692 http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1 http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm http://www.adobe.com/support/security/bulletins/apsb08-22.html http://www.isecpartners.com/advisories/2008-01-flash.txt http://www.securityfocus.com/archive/1/498561/100/0/threaded https: • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 1%CPEs: 3EXPL: 0CVE-2008-5363
https://notcve.org/view.php?id=CVE-2008-5363
The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, does not validate character elements during retrieval from the dictionary data structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF file. La máquina virtual ActionScript v2 en Adobe Flash Player v10.x anteriores a v10.0.12.36 y en v9.x anteriores a v9.0.151.0, y en Adobe AIR anteriores a v1.5, no realizan validación de los caracteres de los elementos durante la recuperación de la estructura de datos del diccionario, permitiendo a atacantes remotos provocar una denegación de servicio (referencia a puntero NULO y parada de la aplicación) mediante un fichero PDF modificado. • http://secunia.com/advisories/33390 http://secunia.com/advisories/34226 http://security.gentoo.org/glsa/glsa-200903-23.xml http://securityreason.com/securityalert/4692 http://sunsolve.sun.com/search/document.do?assetkey=1-26-248586-1 http://support.avaya.com/elmodocs2/security/ASA-2009-020.htm http://www.adobe.com/support/security/bulletins/apsb08-22.html http://www.isecpartners.com/advisories/2008-01-flash.txt http://www.securityfocus.com/archive/1/498561/100/0/threaded https: • CWE-399: Resource Management Errors •