K74327432: F5 Container Ingress Services vulnerability CVE-2019-6648

Security Advisory Description If DEBUG logging is enabled, F5 Container Ingress Services CIS for Kubernetes and Red Hat OpenShift k8s-bigip-ctlr log files may contain BIG-IP system secrets such as SSL Private Keys and Private key Passphrases as provided as inputs by an AS3 Declaration...

SUSE CVE-2015-5122

Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 AS3 implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome...

Design/Logic Flaw

On version 1.9.0, If DEBUG logging is enable, F5 Container Ingress Service CIS for Kubernetes and Red Hat OpenShift k8s-bigip-ctlr log files may contain BIG-IP secrets such as SSL Private Keys and Private key Passphrases as provided as inputs by an AS3 Declaration...

CVE-2019-6648

On version 1.9.0, If DEBUG logging is enable, F5 Container Ingress Service CIS for Kubernetes and Red Hat OpenShift k8s-bigip-ctlr log files may contain BIG-IP secrets such as SSL Private Keys and Private key Passphrases as provided as inputs by an AS3 Declaration...

CVE-2019-6648

CVE-2019-6648 affects F5 Container Ingress Services for Kubernetes and Red Hat OpenShift (k8s-bigip-ctlr) version 1.9.0. When DEBUG logging is enabled, CIS log files may disclose BIG-IP secrets (SSL private keys and private key passphrases) supplied via an AS3 Declaration. Impact is exposure of s...

Toshiba VFAS3-2007P AS3 ASD Drive Detection

Binary data 757917.prm...

Toshiba VFAS3-2075P AS3 ASD Drive Detection

Binary data 757922.prm...

Toshiba VFAS3-2055P AS3 ASD Drive Detection

Binary data 757921.prm...

Toshiba VFAS3-4750PCE ASD Drive Detection

Binary data 757969.prm...

FLASHMINGO: The FireEye Open Source Automatic Analysis Tool for Flash

Adobe Flash is one of the most exploited software components of the last decade. Its complexity and ubiquity make it an obvious target for attackers. Public sources list more than one thousand CVEs being assigned to the Flash Player alone since 2005. Almost nine hundred of these vulnerabilities...

Internet Bug Bounty: Adobe Flash Player ShimContentResolver(resolverType=1) class Memory Corruption Vulnerability

I. Summary Adobe Flash Player is prone to a vulnerability which leads to memory corruption because of improper validation of ShimContentResolver.resolve. ------------------------------------------------------------------ II. Description Normally, resolve should validate its parameter with...

Internet Bug Bounty: Adobe Flash Player ShimOpportunityGenerator class Memory Corruption Vulnerability

I. Summary Adobe Flash Player is prone to a vulnerability which leads to memory corruption because of improper validation of ShimOpportunityGenerator.configure. ------------------------------------------------------------------ II. Description Normally, configure should validates its parameter an...

Adobe Flash - textfield Constructor Type Confusion

Exploit for multiple platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=701 There is a type confusion vulnerability in the TextField constructor in AS3. When a TextField is constructed, a generic backing object is created and reused when...

Adobe Flash - textfield Constructor Type Confusion

Adobe Flash - textfield Constructor Type Confusion Source: https://code.google.com/p/google-security-research/issues/detail?id=701 There is a type confusion vulnerability in the TextField constructor in AS3. When a TextField is constructed, a generic backing object is created and reused when...

Adobe Flash - textfield Constructor Type Confusion

Source: https://code.google.com/p/google-security-research/issues/detail?id=701 There is a type confusion vulnerability in the TextField constructor in AS3. When a TextField is constructed, a generic backing object is created and reused when subsequent TextField objects are created. However, if a...

Adobe Flash AS3 ShaderParameter Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Shader filters. ...

Google Chrome < 43.0.2357.134 Multiple RCE Vulnerabilities

Binary data 8882.pasl...

lib32-flashplugin: arbitrary code execution

CVE-2015-5122 arbitrary code execution Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 AS3 implementation allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted Flash content that leverages improper handling of...

CVE-2015-5122

CVE-2015-5122 involves a Use-After-Free in the DisplayObject class of the AS3 Flash Player. It affects Flash Player 13.x–18.x on Windows/macOS, 11.x–11.2.x on Linux, and 12.x–18.0.0.204 on Linux Chrome. The flaw, triggered by improper handling of the opaqueBackground property, enables remote code...

CVE-2015-5123

CVE-2015-5123 describes a use-after-free in the BitmapData class of the ActionScript 3 (AS3) implementation in Adobe Flash Player . The vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) by crafting Flash content that overrides a value...