31 matches found
Adobe Flash - FileReference Class Type Confusion
Source: https://code.google.com/p/google-security-research/issues/detail?id=422&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id There is a type confusion issue in the TextFormat constructor that is reachable because the FileReference constructor does not verify that the...
Adobe Flash - FileReference Class Type Confusion
Adobe Flash - FileReference Class Type Confusion Source: https://code.google.com/p/google-security-research/issues/detail?id=422&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id There is a type confusion issue in the TextFormat constructor that is reachable because the...
Internet Bug Bounty: Adobe Flash Player FileReference Use-after-Free Vulnerability
Adobe Flash Player FileReference Use-after-Free Vulnerability ------------------------------------------------------------------ I. Summary Adobe Flash Player is prone to a vulnerability which leads to Use-after-Free. The FileReference Object which is used to access local files, when wrapped insi...
Adobe Flash Player FileReference API任意文件上传/下载漏洞
CVECAN ID: CVE-2008-4401 Flash Player是一款非常流行的FLASH播放器。 Adobe Flash Player中的ActionScript对FileReference上传API的FileReference.browse操作或FileReference下载API的FileReference.download操作没有要求用户交互,用户可能在不知情的情况下上传或下载恶意文件 Adobe Flash Player 9.0.124.0 Adobe ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
flash-plugin: upload/download user interaction
ActionScript in Adobe Flash Player 9.0.124.0 and earlier does not require user interaction in conjunction with 1 the FileReference.browse operation in the FileReference upload API or 2 the FileReference.download operation in the FileReference download API, which allows remote attackers to create ...
CVE-2008-4401
ActionScript in Adobe Flash Player 9.0.124.0 and earlier does not require user interaction in conjunction with 1 the FileReference.browse operation in the FileReference upload API or 2 the FileReference.download operation in the FileReference download API, which allows remote attackers to create ...
CVE-2008-4401
ActionScript in Adobe Flash Player 9.0.124.0 and earlier does not require user interaction in conjunction with 1 the FileReference.browse operation in the FileReference upload API or 2 the FileReference.download operation in the FileReference download API, which allows remote attackers to create ...
Design/Logic Flaw
ActionScript in Adobe Flash Player 9.0.124.0 and earlier does not require user interaction in conjunction with 1 the FileReference.browse operation in the FileReference upload API or 2 the FileReference.download operation in the FileReference download API, which allows remote attackers to create ...
Adobe Flash Player Multiple Security Bypass Vulnerabilities (Windows)
This host has Adobe Flash Player installed and is prone to multiple security bypass vulnerabilities. OpenVAS Vulnerability Test $Id: gbadobeflashplayersecbypassvulnwin.nasl 8178 2017-12-19 13:42:38Z cfischer $ Adobe Flash Player Multiple Security Bypass Vulnerabilities Windows Authors: Chandan S...
Adobe Flash Player Multiple Security Bypass Vulnerabilities - Linux
Adobe Flash Player is prone to multiple security bypass vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Adobe Flash Player Multiple Security Bypass Vulnerabilities - Windows
Adobe Flash Player is prone to multiple security bypass vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...