Flash Player@8 Security Vulnerabilities and Issues — Flash Player@8 CVE List

Lucene search

AdobeFlash Player8

10 matches found

CVE•added 2006/09/12 11:7 p.m.•61 views

CVE-2006-3311

Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.

5.1CVSS7.6AI score0.57875EPSS

CVE•added 2008/10/09 6:0 p.m.•61 views

CVE-2008-4503

The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to cause victims to unknowingly click on a link or dialog via access control dialogs disguised as normal graphical elements, as demonstrated by hijacking the camera or microphone, and related to "clickjacking."

6.8CVSS6.3AI score0.04555EPSS

CVE•added 2008/04/09 9:5 p.m.•59 views

CVE-2007-6019

Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via an SWF file with a modified DeclareFunction2 Actionscript tag, which prevents an object from being instantiated properly.

9.3CVSS7.4AI score0.66216EPSS

CVE•added 2006/09/12 11:7 p.m.•58 views

CVE-2006-4640

Unspecified vulnerability in Adobe Flash Player before 9.0.16.0 allows user-assisted remote attackers to bypass the allowScriptAccess protection via unspecified vectors.

6.8CVSS6.3AI score0.29973EPSS

CVE•added 2009/12/10 7:30 p.m.•57 views

CVE-2009-3794

Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file.

9.3CVSS8AI score0.08236EPSS

CVE•added 2009/12/10 7:30 p.m.•57 views

CVE-2009-3798

Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.

9.3CVSS7.8AI score0.04349EPSS

CVE•added 2009/12/10 7:30 p.m.•55 views

CVE-2009-3799

Integer overflow in the Verifier::parseExceptionHandlers function in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via an SWF file with a large exception_count value that triggers memory corruption, related to "generation of Action...

9.3CVSS8AI score0.12942EPSS

CVE•added 2009/12/10 7:30 p.m.•52 views

CVE-2009-3796

Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors, related to a "data injection vulnerability."

9.3CVSS8AI score0.0288EPSS

CVE•added 2009/12/10 7:30 p.m.•50 views

CVE-2009-3800

Multiple unspecified vulnerabilities in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allow attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.

9.3CVSS8.1AI score0.04349EPSS

CVE•added 2009/12/10 7:30 p.m.•47 views

CVE-2009-3951

Unspecified vulnerability in the Flash Player ActiveX control in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 on Windows allows remote attackers to obtain the names of local files via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4820.

7.1CVSS7.4AI score0.06895EPSS