Catalyst Mahara Cross-Site Scripting Vulnerability (CNVD-2017-36189)

Catalyst Mahara is a social networking system from Catalyst IT in New Zealand. The system includes a blog, resume builder, file manager, and more. A security vulnerability exists in Catalyst Mahara. An attacker can exploit this vulnerability by maliciously creating a .swf file to execute code whe...

Adobe Flash Player Memory Error Referencing Arbitrary Code Execution Vulnerability (CNVD-2015-08233)

Adobe Flash Player is a widely used, proprietary multimedia program player. It was originally written by Macromedia and continued to be developed and distributed by Adobe after Macromedia was acquired by Adobe. A memory misreference vulnerability exists in Adobe Flash Player's handling of special...

Adobe Flash Player suffers from an unspecified buffer overflow vulnerability (CNVD-2015-00950)

Adobe Flash Player is a Flash file handling program. Adobe Flash Player suffers from an unspecified heap buffer overflow vulnerability that could allow an attacker to construct a malicious SWF file and trick a user into parsing it, which could be used in the context of an application to execute...

Adobe Flash Player suffers from an unspecified heap buffer overflow vulnerability (CNVD-2015-00942)

Adobe Flash Player is a Flash file handling program. Adobe Flash Player suffers from an unspecified heap buffer overflow vulnerability that could allow an attacker to construct a malicious SWF file and trick a user into parsing it, which could be used in the context of an application to execute...

Adobe Flash Player suffers from unspecified memory corruption vulnerability (CNVD-2015-00957)

Adobe Flash Player is a Flash file handling program. An unspecified memory corruption vulnerability exists in Adobe Flash Player that allows an attacker to construct a malicious SWF file and trick a user into parsing it, which can be used in an application context to execute arbitrary code...

Adobe Flash Player suffers from unspecified memory corruption vulnerability (CNVD-2015-00964)

Adobe Flash Player is a Flash file handling program. An unspecified memory corruption vulnerability exists in Adobe Flash Player that allows an attacker to construct a malicious SWF file and trick a user into parsing it, which can be used in an application context to execute arbitrary code...

Adobe Flash Player suffers from an unspecified null pointer reference vulnerability (CNVD-2015-00949)

Adobe Flash Player is a Flash file handling program. Adobe Flash Player suffers from an unspecified null pointer reference vulnerability that allows attackers to construct malicious SWF files that can be tricked into parsing by a user, which can execute arbitrary code in the application context...

Adobe Flash Player suffers from an unspecified heap buffer overflow vulnerability (CNVD-2015-00952)

Adobe Flash Player is a Flash file handling program. Adobe Flash Player suffers from an unspecified heap buffer overflow vulnerability that could allow an attacker to construct a malicious SWF file and trick a user into parsing it, which could be used in the context of an application to execute...

Adobe Flash Player suffers from unspecified type confusion vulnerability (CNVD-2015-00956)

Adobe Flash Player is a Flash file handling program. An unspecified type obfuscation vulnerability exists in Adobe Flash Player, which allows attackers to construct malicious SWF files that can be tricked into parsing by a user, which can then be used in an application context to execute arbitrar...

Adobe Flash Player suffers from an unspecified memory misreference vulnerability (CNVD-2015-00955)

Adobe Flash Player is a Flash file handling program. An unspecified memory misreference vulnerability exists in Adobe Flash Player that allows an attacker to construct a malicious SWF file and trick a user into parsing it, which can be used in an application context to execute arbitrary code...

Adobe Flash Player suffers from an unspecified memory corruption vulnerability (CNVD-2015-01030)

Adobe Flash Player is a Flash file handling program. A memory corruption vulnerability exists in Adobe Flash Player, which could be exploited by an attacker to construct a malicious SWF file that could be tricked into being parsed by a user to execute arbitrary code within the context of the...

Adobe Flash Player and AIR Remote Code Execution Vulnerability (CNVD-2015-00332)

Adobe Flash Player is a Flash file handling program.Adobe Air is a cross-OS runtime library from Adobe. A remote code execution vulnerability exists in Adobe Flash Player/AIR, which allows an attacker to construct a malicious SWF file, trick the user into parsing it, and execute arbitrary code in...

Adobe Flash Player and AIR Information Disclosure Vulnerability (CNVD-2015-00336)

Adobe Flash Player is a Flash file handling program.Adobe Air is a cross-OS runtime library from Adobe. An information leakage vulnerability exists in Adobe Flash Player/AIR that could allow an attacker to construct malicious SWF files, trick users into parsing them, and intercept user keystrokes...

Adobe Flash Player and AIR Remote Code Execution Vulnerability (CNVD-2015-00338)

Adobe Flash Player is a Flash file handling program.Adobe Air is a cross-OS runtime library from Adobe. A remote code execution vulnerability exists in Adobe Flash Player/AIR, which allows an attacker to construct a malicious SWF file, trick the user into parsing it, and execute arbitrary code in...

Adobe Flash Player and AIR suffer from an unspecified heap buffer overflow vulnerability (CNVD-2015-00333)

Adobe Flash Player is a Flash file handling program.Adobe Air is a cross-OS runtime library from Adobe. A heap buffer overflow vulnerability exists in Adobe Flash Player/AIR, which allows an attacker to construct a malicious SWF file and trick a user into parsing it to execute arbitrary code in t...

On the use of Adobe 0day – CVE-2 0 1 4-0 5 0 2 attack behavior analysis-vulnerability warning-the black bar safety net

The other day FireEye released a use AdobeFlash new 0day attack report, and Adobe has been based on vulnerabilities released a security update. According to FireEye report, many sites will redirect visitors to the following contain a Trojan the malicious Server: Peterson Institute for...

Stolen Winnti Certificates Used in Watering Hole Attack Against Tibet Orphans Site

The assault against Free Tibet and Uyghur supporters is unrelenting as another watering hole attack has been uncovered, this time against a caregiver site supporting Tibetan refugee children. The non-governmental organization NGO Tibetan Homes Foundation site remains compromised and is hosting a...

Adobe Flash Player DefineFontAlignZones Tag Code Execution (APSB11-12; CVE-2011-0626)

The Adobe Flash Player is a multimedia and application player that renders Shockwave Flash SWF files. A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to insufficient bounds checking by the Adobe Flash Player. A remote attacker can exploit th...

Adobe Flash Player: Arbitrary code execution

Background The Adobe Flash Player is a renderer for Flash files - commonly used to provide interactive websites, digital experiences and mobile content. Description The Adobe Flash Player contains multiple unspecified vulnerabilities. Impact An attacker could entice a user to view a malicious Fla...