Lucene search
K

102 matches found

Exploit DB
Exploit DB
added 2015/12/17 12:0 a.m.31 views

Adobe Flash TextField.gridFitType Setter - Use-After-Free

Source: https://code.google.com/p/google-security-research/issues/detail?id=559 There is a use-after-free in the TextField gridFitType setter. If it is set to an object with a toString method that frees the TextField, the property will be written after it is freed. A PoC is as follows: var toptf ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2015/12/17 12:0 a.m.31 views

Adobe Flash TextField.antiAliasType Setter - Use-After-Free

Source: https://code.google.com/p/google-security-research/issues/detail?id=560 There is a use-after-free in the TextField antiAliasType setter. If it is set to an object with a toString method that frees the TextField, the property will be written after it is freed. A PoC is as follows: var topt...

7.4AI score
Exploits0
OSV
OSV
added 2015/12/10 6:0 a.m.2 views

UBUNTU-CVE-2015-8450

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute...

9.3CVSS7.6AI score0.06538EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2015/12/10 6:0 a.m.14 views

CVE-2015-8450

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute...

9.3CVSS7.2AI score0.06538EPSS
Exploits0References3
Prion
Prion
added 2015/12/10 6:0 a.m.15 views

Design/Logic Flaw

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute...

9.3CVSS8.8AI score0.43408EPSS
Exploits18References11Affected Software4
OSV
OSV
added 2015/12/10 5:59 a.m.5 views

UBUNTU-CVE-2015-8049

Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before...

9.3CVSS7.6AI score0.05658EPSS
Exploits0References4
CVE
CVE
added 2015/12/10 2:0 a.m.83 views

CVE-2015-8049

Technical details about CVE-2015-8049 are not provided in the connected documents. Monitor official advisories for updates; the supplied materials do not specify affected products/versions or fixes.

9.3CVSS9AI score0.05658EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2015/12/10 2:0 a.m.26 views

CVE-2015-8450

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute...

9.1AI score0.06538EPSS
Exploits0References11
CVE
CVE
added 2015/12/10 2:0 a.m.80 views

CVE-2015-8450

Technical details for CVE-2015-8450 are not publicly available in the provided connected documents; monitor for updates from official advisories.

9.3CVSS9.1AI score0.06538EPSS
Exploits0References11Affected Software1
RedHat Linux
RedHat Linux
added 2015/12/09 1:36 p.m.4 views

flash-plugin: multiple code execution issues fixed in APSB15-32

Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before...

9.3CVSS6.2AI score0.05658EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
added 2015/12/08 12:0 a.m.28 views

Adobe Flash AS2 TextField filters Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the TextField object...

6.8CVSS8.8AI score0.06538EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2015/12/08 12:0 a.m.21 views

Adobe Flash TextField autoSize Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the TextField object...

6.8CVSS8.8AI score0.05658EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2015/12/08 12:0 a.m.6 views

PT-2015-2923 · Adobe +3 · Flash +5

Name of the Vulnerable Software and Affected Versions: Adobe Flash affected versions not specified Description: The issue is related to the implementation of the TextField object in Flash Player and Adobe Integrated Runtime, specifically concerning the use of memory after it has been freed. This...

10CVSS8.9AI score0.43408EPSS
Exploits21References441
Positive Technologies
Positive Technologies
added 2015/12/08 12:0 a.m.3 views

PT-2015-2893 · Adobe +3 · Flash Player +4

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player affected versions not specified Adobe Integrated Runtime affected versions not specified Description: The issue is related to the use of memory after it has been freed, which can be exploited by a remote attacker to execute...

10CVSS9.2AI score0.43408EPSS
Exploits21References444
Zero Day Initiative
Zero Day Initiative
added 2015/11/10 12:0 a.m.30 views

Adobe Flash AS2 TextField gridFitType Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the TextField object...

6.8CVSS6.4AI score0.246EPSS
Exploits1References1
exploitpack
exploitpack
added 2015/08/19 12:0 a.m.11 views

Adobe Flash - textfield.gridFitType Use-After-Free

Adobe Flash - textfield.gridFitType Use-After-Free Source: https://code.google.com/p/google-security-research/issues/detail?id=418&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id There is a use-after-free in the TextField gridFitType setter. A PoC is below: var test =...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2015/08/19 12:0 a.m.21 views

Adobe Flash AS2 - textfield.filters Use-After-Free (3)

Adobe Flash AS2 - textfield.filters Use-After-Free 3 Source: https://code.google.com/p/google-security-research/issues/detail?id=444&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id Tracking for https://code.google.com/p/chromium/issues/detail?id=498984 Credit is to bilou,...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2015/08/19 12:0 a.m.19 views

Adobe Flash - textfield.gridFitType Use-After-Free

Source: https://code.google.com/p/google-security-research/issues/detail?id=418&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id There is a use-after-free in the TextField gridFitType setter. A PoC is below: var test = this.createTextField"test", 1, 0, 0, 100, 100; var n =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2015/08/19 12:0 a.m.30 views

Adobe Flash AS2 - textfield.filters Use-After-Free (3)

Source: https://code.google.com/p/google-security-research/issues/detail?id=444&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id Tracking for https://code.google.com/p/chromium/issues/detail?id=498984 Credit is to bilou, working with the Chromium Vulnerability Rewards Progra...

7.4AI score
Exploits0
NVD
NVD
added 2014/07/22 2:55 p.m.22 views

CVE-2014-5022

Cross-site scripting XSS vulnerability in the Ajax system in Drupal 7.x before 7.29 allows remote attackers to inject arbitrary web script or HTML via vectors involving forms with an Ajax-enabled textfield and a file field...

4.3CVSS5.4AI score0.00995EPSS
Exploits0References2
Rows per page
Query Builder