HIGH7.5
Уязвимость программной платформы Flash Player, позволяющая нарушителю обойти механизм защиты
CVSS 2.0HIGH 7.5
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:PReferences
ALT-PU-2017-1033-1Package update adobe-flash-player in branch t7
Severity:
Closed issues (26)
CRITICAL10.0
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
CRITICAL10.0
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
CRITICAL10.0
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
CRITICAL10.0
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
CRITICAL10.0
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
CRITICAL10.0
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
CRITICAL10.0
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
CRITICAL10.0
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
CRITICAL10.0
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
CRITICAL10.0
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
CRITICAL10.0
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
CRITICAL10.0
Уязвимость программной платформы Flash Player, позволяющая нарушителю выполнить произвольный код
CVSS 2.0CRITICAL 10.0
CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:CReferences
HIGH8.8
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability in the JPEG XR codec. Successful exploitation could lead to arbitrary code execution.
CVSS 2.0CRITICAL 9.3
CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:CCVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HReferences
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95350
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95350
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
HIGH8.8
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files. Successful exploitation could lead to arbitrary code execution.
CVSS 2.0CRITICAL 9.3
CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:CCVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HReferences
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95350
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95350
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
HIGH8.8
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution.
CVSS 2.0CRITICAL 9.3
CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:CCVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HReferences
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95347
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95347
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
HIGH8.8
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful exploitation could lead to arbitrary code execution.
CVSS 2.0CRITICAL 9.3
CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:CCVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HReferences
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95350
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95350
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
HIGH8.8
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability due to a concurrency error when manipulating a display list. Successful exploitation could lead to arbitrary code execution.
CVSS 2.0CRITICAL 9.3
CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:CCVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HReferences
- http://packetstormsecurity.com/files/140463/Adobe-Flash-24.0.0.186-Code-Execution.html
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95350
- http://www.securitytracker.com/id/1037570
- https://cosig.gouv.qc.ca/en/cosig-2017-01-en/
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- https://www.exploit-db.com/exploits/41008/
- https://www.exploit-db.com/exploits/41012/
- http://packetstormsecurity.com/files/140463/Adobe-Flash-24.0.0.186-Code-Execution.html
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95350
- http://www.securitytracker.com/id/1037570
- https://cosig.gouv.qc.ca/en/cosig-2017-01-en/
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- https://www.exploit-db.com/exploits/41008/
- https://www.exploit-db.com/exploits/41012/
HIGH8.8
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to the parsing of SWF metadata. Successful exploitation could lead to arbitrary code execution.
CVSS 2.0CRITICAL 9.3
CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:CCVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HReferences
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95350
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- https://www.exploit-db.com/exploits/41608/
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95350
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- https://www.exploit-db.com/exploits/41608/
HIGH8.8
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript MovieClip class. Successful exploitation could lead to arbitrary code execution.
CVSS 2.0CRITICAL 9.3
CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:CCVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HReferences
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95342
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- https://www.exploit-db.com/exploits/41609/
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95342
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- https://www.exploit-db.com/exploits/41609/
HIGH8.8
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability related to texture compression. Successful exploitation could lead to arbitrary code execution.
CVSS 2.0CRITICAL 9.3
CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:CCVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HReferences
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95347
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- https://www.exploit-db.com/exploits/41610/
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95347
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- https://www.exploit-db.com/exploits/41610/
HIGH8.8
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when parsing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution.
CVSS 2.0CRITICAL 9.3
CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:CCVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HReferences
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95347
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- https://www.exploit-db.com/exploits/41611/
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95347
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- https://www.exploit-db.com/exploits/41611/
HIGH8.8
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing the Flash Video container file format. Successful exploitation could lead to arbitrary code execution.
CVSS 2.0CRITICAL 9.3
CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:CCVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HReferences
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95347
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- https://www.exploit-db.com/exploits/41612/
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95347
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- https://www.exploit-db.com/exploits/41612/
HIGH8.8
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class. Successful exploitation could lead to arbitrary code execution.
CVSS 2.0CRITICAL 9.3
CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:CCVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HReferences
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95342
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95342
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
HIGH8.8
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using class inheritance. Successful exploitation could lead to arbitrary code execution.
CVSS 2.0CRITICAL 9.3
CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:CCVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HReferences
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95342
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95342
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
MEDIUM6.5
Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related to handling TCP connections.
CVSS 2.0MEDIUM 4.3
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:NCVSS 3.xMEDIUM 6.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NReferences
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95341
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20
- http://rhn.redhat.com/errata/RHSA-2017-0057.html
- http://www.securityfocus.com/bid/95341
- http://www.securitytracker.com/id/1037570
- https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
- https://security.gentoo.org/glsa/201702-20