20 matches found
Mageia: Security Advisory (MGASA-2017-0377)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-11292
Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution...
CVE-2017-11292
Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution...
CVE-2017-11292
Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution. Recent...
CVE-2017-11292
Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index. This can lead to type confusion, and successful exploitation could lead to arbitrary code execution...
CVE-2017-11292
Adobe Flash Player
Updated flash-player-plugin packages fix security vulnerability
Adobe Flash Player 27.0.0.170 addresses a critical type confusion vulnerability that could lead to code execution CVE-2017-11292. Adobe is aware of a report that an exploit for CVE-2017-11292 exists in the wild, and is being used in limited, targeted attacks against users running Windows...
Adobe Flash Player <= 27.0.0.159 Type Confusion Vulnerability (APSB17-32)
The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 27.0.0.159. It is, therefore, affected by an unspecified type confusion flaw that is caused by input not being properly validated. An unauthenticated, remote attacker can exploit this, by convincin...
Adobe Flash Player for Mac <= 27.0.0.159 Multiple Vulnerabilities (APSB17-32)
The version of Adobe Flash Player installed on the remote macOS or Mac OS X host is equal or prior to version 27.0.0.159. It is, therefore, affected by an unspecified type confusion flaw that is caused by input not being properly validated. An unauthenticated, remote attacker can exploit this, by...
October 2017 Adobe Flash Security Update
This security update addresses the following vulnerability, which is described in Adobe Security Bulletin APSB17-32: CVE-2017-11292...
FreeBSD : Flash Player -- Remote code execution (a73518da-b2fa-11e7-98ef-d43d7ef03aa6)
Adobe reports : - This update resolves a type confusion vulnerability that could lead to remote code execution CVE-2017-11292. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright...
KLA11121 ACE vulnerability in Adobe Flash Player
A remote code execution vulnerability was found in Adobe Flash Player. This vulnerability can be exploited via a specially designed MS Office document to execute arbitrary code. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, install latest...
Adobe Flash Player Security Update (APSB17-32) - Mac OS X
Adobe Flash Player is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2017-11292
creationtimestamp| type| source ---|---|--- 2017-10-16 15:03:08+00:00| seen| MISP/59e4c923-a6e0-4894-a6a8-994d950d210f 2017-10-16 17:56:56+00:00| exploited| https://t.me/informationsecuritychannel/10023 2017-10-16 19:53:28+00:00| seen| MISP/59e50d7c-e7cc-44f6-9f15-02afac12042b 2017-10-17...
BlackOasis APT and new targeted attacks leveraging zero-day exploit
More information about BlackOasis APT is available to customers of Kaspersky Intelligence Reporting Service. Contact: [email protected] Introduction Kaspersky Lab has always worked closely with vendors to protect users. As soon as we find new vulnerabilities we immediately inform the...
Hackers Use New Flash Zero-Day Exploit to Distribute FinFisher Spyware
FinSpy—the infamous surveillance malware is back and infecting high-profile targets using a new Adobe Flash zero-day exploit delivered through Microsoft Office documents. Security researchers from Kaspersky Labs have discovered a new zero-day remote code execution vulnerability in Adobe Flash,...
Adobe Flash Player CVE-2017-11292 Type Confusion Remote Code Execution Vulnerability
Description Adobe Flash Player is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Technologies Affected...
[ASA-201710-21] lib32-flashplugin: arbitrary code execution
Arch Linux Security Advisory ASA-201710-21 ========================================== Severity: Critical Date : 2017-10-16 CVE-ID : CVE-2017-11292 Package : lib32-flashplugin Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-450 Summary ======= The package...
[ASA-201710-20] flashplugin: arbitrary code execution
Arch Linux Security Advisory ASA-201710-20 ========================================== Severity: Critical Date : 2017-10-16 CVE-ID : CVE-2017-11292 Package : flashplugin Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-449 Summary ======= The package flashplug...
VulnCheck KEV: CVE-2017-11292
Adobe Flash Player contains a type confusion vulnerability which can allow for remote code execution...