SUSE CVE-2012-1535

Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service application crash via crafted SWF content, as exploited in the wild in August 2012 with SWF...

SUSE CVE-2013-0643

The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attackers to execute arbitrary code via crafted...

Adobe Flash Player Memory Error Referencing Arbitrary Code Execution Vulnerability (CNVD-2015-08258)

Adobe Flash Player is a widely used, proprietary multimedia program player. It was originally written by Macromedia and continued to be developed and distributed by Adobe after Macromedia was acquired by Adobe. A memory misreference vulnerability exists in Adobe Flash Player's handling of special...

SUSE SLED11 Security Update : flash-player (SUSE-SU-2015:1258-1)

flash-player was updated to fix two security issues. These security issues were fixed : - CVE-2015-5123: Use-after-free vulnerability in the BitmapData class in the ActionScript 3 AS3 implementation in Adobe Flash Player allowed remote attackers to execute arbitrary code or cause a denial of...

Design/Logic Flaw

Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 AS3 implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome...

CVE-2015-5122

Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 AS3 implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome...

CVE-2015-5122

Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 AS3 implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome...

CVE-2015-5123

Use-after-free vulnerability in the BitmapData class in the ActionScript 3 AS3 implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installatio...

Design/Logic Flaw

Use-after-free vulnerability in the ByteArray class in the ActionScript 3 AS3 implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of...

CVE-2015-5119

Use-after-free vulnerability in the ByteArray class in the ActionScript 3 AS3 implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of...

Adobe Flash ByteArray Use-After-Free

Use-after-free vulnerability in the ByteArray class in the ActionScript 3 AS3 implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of...

CVE-2014-7906

Use-after-free vulnerability in the Pepper plugins in Google Chrome before 39.0.2171.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted Flash content that triggers an attempted PepperMediaDeviceManager access outside of the object's...

CVE-2014-7906

CVE-2014-7906 describes a use-after-free in the Pepper plugins of Google Chrome prior to 39.0.2171.65. A crafted Flash content exploit can trigger a PepperMediaDeviceManager access outside of the object’s lifetime, potentially causing a denial of service and other impacts. The remediation is to u...

Adobe Flash Player and AIR String Concatenation Integer Overflow (CVE-2014-0550)

An integer overflow vulnerability exists in Adobe Flash Player. Successful exploitation could result in arbitrary code execution in the context of the currently logged in user. The vulnerability is due to an error while concatenating large strings. A remote attacker could exploit this vulnerabili...

Adobe Flash Player Object Confusion Remote Code Execution Vulnerability (Mac OS X)

This host is installed with Adobe Flash Player and is prone to object confusion remote code execution vulnerability. OpenVAS Vulnerability Test $Id: gbadobeflashplayerobjcodeexecvulnmacosx.nasl 5956 2017-04-14 09:02:12Z teissa $ Adobe Flash Player Object Confusion Remote Code Execution...

Adobe Flash Player Object Confusion Remote Code Execution Vulnerability (Linux)

This host is installed with Adobe Flash Player and is prone to object confusion remote code execution vulnerability. OpenVAS Vulnerability Test $Id: gbadobeflashplayerobjcodeexecvulnlin.nasl 5956 2017-04-14 09:02:12Z teissa $ Adobe Flash Player Object Confusion Remote Code Execution Vulnerability...

CVE-2011-2836

Google Chrome before 14.0.835.163 does not require Infobar interaction before use of the Windows Media Player plug-in, which makes it easier for remote attackers to have an unspecified impact via crafted Flash content...

Code injection

Google Chrome before 14.0.835.163 does not require Infobar interaction before use of the Windows Media Player plug-in, which makes it easier for remote attackers to have an unspecified impact via crafted Flash content...

CVE-2011-2836

Google Chrome before 14.0.835.163 does not require Infobar interaction before use of the Windows Media Player plug-in, which makes it easier for remote attackers to have an unspecified impact via crafted Flash content...

CVE-2011-2836

CVE-2011-2836 (Google Chrome): Affects Google Chrome prior to 14.0.835.163. The issue arises because Chrome does not require Infobar interaction before using the Windows Media Player plug‑in, enabling remote attackers to cause an unspecified impact via crafted Flash content. The CVSSv2 base score...