CVSS: 8.8EPSS: 68%CPEs: 4EXPL: 1CVE-2006-3311
https://notcve.org/view.php?id=CVE-2006-3311
12 Sep 2006 — Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie. Desbordamiento de búfer en Adobe Flash Player 8.0.24.0 y anteriores, Flash Professional 8, Flash MX 2004, y Flex 1.5 permite a un atacante con la complicidad del usuario ejecutar código de su elección a través de una cadena grande y creada dinamicamente en una película SWF. • http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html •
CVSS: 9.1EPSS: 11%CPEs: 4EXPL: 0CVE-2006-4640
https://notcve.org/view.php?id=CVE-2006-4640
12 Sep 2006 — Unspecified vulnerability in Adobe Flash Player before 9.0.16.0 allows user-assisted remote attackers to bypass the allowScriptAccess protection via unspecified vectors. Vulnerabilidad no especificada en Adobe Flash Player anterior 9.0.16.0 permite a un atacante remoto con la complicidad del usuario puentear la protección de allowScriptAccess a través de vectores no especificados. • http://lists.apple.com/archives/security-announce/2006/Sep/msg00002.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.8EPSS: 66%CPEs: 14EXPL: 0CVE-2006-0024
https://notcve.org/view.php?id=CVE-2006-0024
15 Mar 2006 — Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file. • http://docs.info.apple.com/article.html?artnum=307179 •
CVSS: 9.8EPSS: 79%CPEs: 8EXPL: 3CVE-2005-3591 – Macromedia Flash Plugin 7.0.19.0 - 'action' Denial of Service
https://notcve.org/view.php?id=CVE-2005-3591
16 Nov 2005 — Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and earlier and (2) libflashplayer.so before 7.0.25.0 (Unix) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via parameters to the ActionDefineFunction ActionScript call in a SWF file, which causes an improper memory access condition, a different vulnerability than CVE-2005-2628. • https://www.exploit-db.com/exploits/1331 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 87%CPEs: 8EXPL: 0CVE-2005-2628
https://notcve.org/view.php?id=CVE-2005-2628
05 Nov 2005 — Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer. • http://lists.apple.com/archives/security-announce/2006/May/msg00003.html •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 2CVE-2003-1017 – Macromedia Flash Player 6.0.x - Flash Cookie Predictable File Location
https://notcve.org/view.php?id=CVE-2003-1017
17 Dec 2003 — Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is accessible to web browsers such as Internet Explorer and Opera, which allows remote attackers to read restricted files via vulnerabilities in web browsers whose exploits rely on predictable names. El Reproductor de Macromedia Flash en versiones anteriores a 7,0,19,0 almacena un fichero de datos de Flash en una localización predecible, accesible a navegadores web como Internet Explorer y Opera, lo que permite a... • https://www.exploit-db.com/exploits/23298 •