Flash Player@10 Security Vulnerabilities and Issues — Flash Player@10 CVE List

Lucene search

AdobeFlash Player10

7 matches found

CVE•added 2012/03/05 9:55 p.m.•141 views

CVE-2012-0768

The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corrup...

10CVSS7.6AI score0.08027EPSS

CVE•added 2012/03/05 9:55 p.m.•139 views

CVE-2012-0769

Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x does not properly handle integers, which allows attackers to obtain sensitive information via unspecified vector...

5CVSS5.8AI score0.01948EPSS

CVE•added 2012/03/28 7:55 p.m.•128 views

CVE-2012-0772

An unspecified ActiveX control in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228, and AIR before 3.2.0.2070, on Windows does not properly perform URL security domain checking, which allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via un...

10CVSS7.7AI score0.24398EPSS

CVE•added 2008/11/17 10:21 p.m.•109 views

CVE-2008-4824

Multiple unspecified vulnerabilities in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0 allow remote attackers to execute arbitrary code via unknown vectors related to "input validation errors."

9.3CVSS7.5AI score0.32697EPSS

CVE•added 2008/12/08 11:30 a.m.•77 views

CVE-2008-5362

The DefineConstantPool action in the ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, accepts an untrusted input value for a "constant count," which allows remote attackers to read sensitive data from process memory via ...

4.3CVSS6.1AI score0.01538EPSS

CVE•added 2008/12/08 11:30 a.m.•73 views

CVE-2008-5361

The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, does not verify a member element's size when performing (1) DefineConstantPool, (2) ActionJump, (3) ActionPush, (4) ActionTry, and unspecified other actions, which all...

4.3CVSS6.1AI score0.01538EPSS

CVE•added 2008/12/08 11:30 a.m.•69 views

CVE-2008-5363

The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, does not validate character elements during retrieval from the dictionary data structure, which allows remote attackers to cause a denial of service (NULL pointer dere...

4.3CVSS6.2AI score0.01834EPSS