148 matches found
UBUNTU-CVE-2018-9132
libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file...
Memory Misreference Vulnerability in libming 'decompileGETVARIABLE' Function
libming is a Flash SWF output library written in C for use in systems developed in PHP, Perl, etc. It can be used to output Flash SWF files to the system. A memory misreference vulnerability exists in the 'decompileGETVARIABLE' function of the decompile.c file in libming version 0.4.8. A remote...
UBUNTU-CVE-2018-8963
In libming 0.4.8, the decompileGETVARIABLE function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file...
Memory Misreference Vulnerability in libming 'decompileIF' Function
libming is a Flash SWF output library written in C for use in systems developed in PHP, Perl, etc. It can be used to output Flash SWF files to the system. A memory misreference vulnerability exists in the 'decompileIF' function in the util/decompile.c file in libming 0.4.8 and earlier versions. A...
UBUNTU-CVE-2018-6359
The decompileIF function util/decompile.c in libming through 0.4.8 is vulnerable to a use-after-free, which may allow attackers to cause a denial of service or unspecified other impact via a crafted SWF file...
Microsoft Office - OLE Multiple DLL Side Loading Vulnerabilities (MS15-132/MS16-014/MS16-025/MS16-04
Exploit for windows platform in category local exploits require 'zip' require 'base64' require 'msf/core' require 'rex/ole' class MetasploitModule 'Office OLE Multiple DLL Side Loading Vulnerabilities', 'Description' = %q Multiple DLL side loading vulnerabilities were found in various COM...
DEBIAN-CVE-2016-6671
The rawdecode function in libavcodec/rawdec.c in FFmpeg before 3.1.2 allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via a crafted SWF file...
ALPINE-CVE-2016-6881
The zlibrefill function in libavformat/swfdec.c in FFmpeg before 3.1.3 allows remote attackers to cause an infinite loop denial of service via a crafted SWF file...
UBUNTU-CVE-2016-6881
The zlibrefill function in libavformat/swfdec.c in FFmpeg before 3.1.3 allows remote attackers to cause an infinite loop denial of service via a crafted SWF file...
Adobe Flash Player Memory Error Referencing Arbitrary Code Execution Vulnerability (CNVD-2016-09443)
Adobe Flash Player is a cross-platform, browser-based multimedia player product. Adobe Flash Player suffers from a memory error referencing arbitrary code execution vulnerability that can be exploited by remote attackers to construct a malicious SWF file, which can be parsed by the user to crash...
Exploit Kits Quickly Adopt Exploit Thanks to Open Source Release
A security researcher recently published source code for a working exploit for CVE-2016-0189 and the Neutrino Exploit Kit EK quickly adopted it. CVE-2016-0189 was originally exploited as a zero-day vulnerability in targeted attacks in Asia. The vulnerability resides within scripting engines in...
The vulnerability of Adobe Pepper Flash software for Google Chrome allows a malicious intruder to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability exists in Adobe Pepper Flash for Google Chrome due to an incorrect limitation of the SWF file format. Exploiting this vulnerability allows malicious actors to carry out attacks on endpoints using JSONP requests through Cross-Site Request Forgery CSRF. These actors can gain acces...
Vulnerability of Adobe AIR software, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information
The vulnerability exists in Adobe AIR due to an incorrect limitation on the SWF file format. Exploiting this vulnerability allows malicious actors to execute attacks on JSONP endpoints using Cross-Site Request Forgery CSRF. They can also gain access to confidential information by using specially...
Unspecified heap overflow vulnerability in Microsoft Internet Explorer and Microsoft Edge Adobe Flash Player (CNVD-2016-04140)
Adobe Flash Player is a multimedia player product; Adobe AIR SDK and Adobe AIR SDK & Compiler are both standard development kits for Adobe AIR.Microsoft Internet Explorer and Microsoft Edge are popular web browsers. An unspecified heap overflow vulnerability exists in Adobe Flash Player used in t...
Unspecified Memory Misreference Vulnerability in Microsoft Internet Explorer and Microsoft Edge Adobe Flash Player (CNVD-2016-04139)
Adobe Flash Player is a multimedia player product; Adobe AIR SDK and Adobe AIR SDK & Compiler are both standard development kits for Adobe AIR.Microsoft Internet Explorer and Microsoft Edge are popular web browsers. An unspecified memory misreference vulnerability exists in Adobe Flash Player use...
Adobe Flash Player Memory Error Referencing Arbitrary Code Execution Vulnerability (CNVD-2015-08240)
Adobe Flash Player is a widely used, proprietary multimedia program player. It was originally written by Macromedia and continued to be developed and distributed by Adobe after Macromedia was acquired by Adobe. A memory misreference vulnerability exists in Adobe Flash Player's handling of special...
Adobe Flash Player Memory Error Referencing Arbitrary Code Execution Vulnerability (CNVD-2015-08206)
Adobe Flash Player is a widely used, proprietary multimedia program player. It was originally written by Macromedia and continued to be developed and distributed by Adobe after Macromedia was acquired by Adobe. A memory misreference vulnerability exists in Adobe Flash Player's handling of special...
Adobe Flash Player Memory Error Referencing Arbitrary Code Execution Vulnerability (CNVD-2015-08201)
Adobe Flash Player is a widely used, proprietary multimedia program player. It was originally written by Macromedia and continued to be developed and distributed by Adobe after Macromedia was acquired by Adobe. A memory misreference vulnerability exists in Adobe Flash Player's handling of special...
Adobe Flash Player Memory Error Referencing Arbitrary Code Execution Vulnerability (CNVD-2015-08236)
Adobe Flash Player is a widely used, proprietary multimedia program player. It was originally written by Macromedia and continued to be developed and distributed by Adobe after Macromedia was acquired by Adobe. A memory misreference vulnerability exists in Adobe Flash Player's handling of special...
Adobe Flash Player Memory Misreference Vulnerability (CNVD-2015-08252)
Adobe Flash Player is a widely used, proprietary multimedia program player. It was originally written by Macromedia and continued to be developed and distributed by Adobe after Macromedia was acquired by Adobe. A memory misreference vulnerability exists in Adobe Flash Player's handling of special...