VuXML ID | Description |
8a34d9e6-c662-11df-b2e1-001b2134ef46 | linux-flashplugin -- remote code execution
Adobe Product Security Incident Response Team reports:
A critical vulnerability exists in Adobe Flash Player
10.1.82.76 and earlier versions for Windows, Macintosh,
Linux, Solaris, and Adobe Flash Player 10.1.92.10 for
Android. This vulnerability also affects Adobe Reader
9.3.4 and earlier versions for Windows, Macintosh and
UNIX, and Adobe Acrobat 9.3.4 and earlier versions for
Windows and Macintosh. This vulnerability (CVE-2010-2884)
could cause a crash and potentially allow an attacker
to take control of the affected system. There are
reports that this vulnerability is being actively
exploited in the wild against Adobe Flash Player on
Windows. Adobe is not aware of any attacks exploiting
this vulnerability against Adobe Reader or Acrobat to
date.
Discovery 2010-09-14 Entry 2010-09-22 linux-flashplugin
< 9.0r283
linux-f8-flashplugin
linux-f10-flashplugin
< 10.1r85
CVE-2010-2884
http://www.adobe.com/support/security/advisories/apsa10-03.html
|
53e531a7-e559-11e0-b481-001b2134ef46 | linux-flashplugin -- multiple vulnerabilities
Adobe Product Security Incident Response Team reports:
Critical vulnerabilities have been identified in Adobe Flash
Player 10.3.183.7 and earlier versions for Windows, Macintosh,
Linux and Solaris, and Adobe Flash Player 10.3.186.6 and earlier
versions for Android. These vulnerabilities could cause a crash
and potentially allow an attacker to take control of the
affected system.
There are reports that one of these vulnerabilities
(CVE-2011-2444) is being exploited in the wild in active
targeted attacks designed to trick the user into clicking on
a malicious link delivered in an email message. This universal
cross-site scripting issue could be used to take actions on a
user's behalf on any website or webmail provider if the user
visits a malicious website.
Discovery 2011-06-06 Entry 2011-09-22 linux-flashplugin
le 9.0r289
linux-f10-flashplugin
< 10.3r183.10
https://www.adobe.com/support/security/bulletins/apsb11-26.html
CVE-2011-2426
CVE-2011-2427
CVE-2011-2428
CVE-2011-2429
CVE-2011-2430
CVE-2011-2444
|
2c12ae0c-c38d-11e0-8eb7-001b2134ef46 | linux-flashplugin -- multiple vulnerabilities
Adobe Product Security Incident Response Team reports:
Critical vulnerabilities have been identified in Adobe Flash
Player 10.3.181.36 and earlier versions for Windows, Macintosh,
Linux and Solaris, and Adobe Flash Player 10.3.185.25 and
earlier versions for Android. These vulnerabilities could
cause a crash and potentially allow an attacker to take control
of the affected system.
Discovery 2011-05-13 Entry 2011-08-10 Modified 2012-11-05 linux-flashplugin
le 9.0r289
linux-f10-flashplugin
< 10.3r183.5
CVE-2011-2130
CVE-2011-2134
CVE-2011-2135
CVE-2011-2136
CVE-2011-2137
CVE-2011-2138
CVE-2011-2139
CVE-2011-2140
CVE-2011-2414
CVE-2011-2415
CVE-2011-2416
CVE-2011-2417
CVE-2011-2425
https://www.adobe.com/support/security/bulletins/apsb11-21.html
|
55a528e8-9787-11e0-b24a-001b2134ef46 | linux-flashplugin -- remote code execution vulnerability
Adobe Product Security Incident Response Team reports:
A critical vulnerability has been identified in Adobe Flash
Player 10.3.181.23 and earlier versions for Windows, Macintosh,
Linux and Solaris, and Adobe Flash Player 10.3.185.23 and
earlier versions for Android. This memory corruption
vulnerability (CVE-2011-2110) could cause a crash and
potentially allow an attacker to take control of the affected
system. There are reports that this vulnerability is being
exploited in the wild in targeted attacks via malicious Web
pages.
Discovery 2011-05-13 Entry 2011-06-15 linux-flashplugin
le 9.0r289
linux-f10-flashplugin
< 10.3r181.26
CVE-2011-2110
http://www.adobe.com/support/security/bulletins/apsb11-18.html
|
57573136-920e-11e0-bdc9-001b2134ef46 | linux-flashplugin -- cross-site scripting vulnerability
Adobe Product Security Incident Response Team reports:
An important vulnerability has been identified in Adobe
Flash Player 10.3.181.16 and earlier versions for Windows,
Macintosh, Linux and Solaris, and Adobe Flash Player
10.3.185.22 and earlier versions for Android. This universal
cross-site scripting vulnerability (CVE-2011-2107) could be
used to take actions on a user's behalf on any website or
webmail provider, if the user visits a malicious website.
There are reports that this vulnerability is being exploited
in the wild in active targeted attacks designed to trick
the user into clicking on a malicious link delivered in an
email message.
Discovery 2011-05-13 Entry 2011-06-08 linux-flashplugin
le 9.0r289
linux-f10-flashplugin
< 10.3r181.22
CVE-2011-2107
http://www.adobe.com/support/security/bulletins/apsb11-13.html
|
d226626c-857f-11e0-95cc-001b2134ef46 | linux-flashplugin -- multiple vulnerabilities
Adobe Product Security Incident Response Team reports:
Critical vulnerabilities have been identified in Adobe Flash
Player 10.2.159.1 and earlier versions (Adobe Flash Player
10.2.154.28 and earlier for Chrome users) for Windows,
Macintosh, Linux and Solaris, and Adobe Flash Player 10.2.157.51
and earlier versions for Android. These vulnerabilities could
cause the application to crash and could potentially allow an
attacker to take control of the affected system. There are
reports of malware attempting to exploit one of the
vulnerabilities, CVE-2011-0627, in the wild via a Flash (.swf)
file embedded in a Microsoft Word (.doc) or Microsoft Excel
(.xls) file delivered as an email attachment targeting the
Windows platform. However, to date, Adobe has not obtained a
sample that successfully completes an attack.
Discovery 2011-01-20 Entry 2011-05-23 linux-flashplugin
le 9.0r289
linux-f10-flashplugin
< 10.3r181.14
CVE-2011-0579
CVE-2011-0618
CVE-2011-0619
CVE-2011-0620
CVE-2011-0621
CVE-2011-0622
CVE-2011-0623
CVE-2011-0624
CVE-2011-0625
CVE-2011-0626
CVE-2011-0627
http://www.adobe.com/support/security/bulletins/apsb11-12.html
|
32b05547-6913-11e0-bdc4-001b2134ef46 | linux-flashplugin -- remote code execution vulnerability
Adobe Product Security Incident Response Team reports:
A critical vulnerability exists in Flash Player 10.2.153.1
and earlier versions (Adobe Flash Player 10.2.154.25 and
earlier for Chrome users) for Windows, Macintosh, Linux
and Solaris, Adobe Flash Player 10.2.156.12 and earlier
versions for Android, and the Authplay.dll component that
ships with Adobe Reader and Acrobat X (10.0.2) and earlier
10.x and 9.x versions for Windows and Macintosh operating
systems.
This vulnerability (CVE-2011-0611) could cause a crash
and potentially allow an attacker to take control of the
affected system. There are reports that this vulnerability
is being exploited in the wild in targeted attacks via a
malicious Web page or a Flash (.swf) file embedded in a
Microsoft Word (.doc) or Microsoft Excel (.xls) file
delivered as an email attachment, targeting the Windows
platform. At this time, Adobe is not aware of any attacks
via PDF targeting Adobe Reader and Acrobat. Adobe Reader
X Protected Mode mitigations would prevent an exploit of
this kind from executing.
Discovery 2011-01-20 Entry 2011-04-17 linux-flashplugin
le 9.0r289
linux-f10-flashplugin
< 10.2r159.1
CVE-2011-0611
http://www.adobe.com/support/security/advisories/apsa11-02.html
|
501ee07a-5640-11e0-985a-001b2134ef46 | linux-flashplugin -- remote code execution vulnerability
Adobe Product Security Incident Response Team reports:
A critical vulnerability exists in Adobe Flash Player
10.2.152.33 and earlier versions (Adobe Flash Player
10.2.154.18 and earlier for Chrome users) for Windows,
Macintosh, Linux and Solaris operating systems, Adobe
Flash Player 10.1.106.16 and earlier versions for Android,
and the Authplay.dll component that ships with Adobe Reader
and Acrobat X (10.0.1) and earlier 10.x and 9.x versions of
Reader and Acrobat for Windows and Macintosh operating systems.
This vulnerability (CVE-2011-0609) could cause a crash and
potentially allow an attacker to take control of the affected
system. There are reports that this vulnerability is being
exploited in the wild in targeted attacks via a Flash (.swf)
file embedded in a Microsoft Excel (.xls) file delivered as
an email attachment.
Discovery 2011-01-20 Entry 2011-03-24 linux-flashplugin
le 9.0r289
linux-f8-flashplugin
linux-f10-flashplugin
< 10.2r153
CVE-2011-0609
http://www.adobe.com/support/security/advisories/apsa11-01.html
|
4a3482da-3624-11e0-b995-001b2134ef46 | linux-flashplugin -- multiple vulnerabilities
Adobe Product Security Incident Response Team reports:
Critical vulnerabilities have been identified in
Adobe Flash Player 10.1.102.64 and earlier versions for
Windows, Macintosh, Linux, and Solaris. These vulnerabilities
could cause the application to crash and could potentially
allow an attacker to take control of the affected system.
Discovery 2011-02-08 Entry 2011-02-11 linux-flashplugin
le 9.0r289
linux-f8-flashplugin
linux-f10-flashplugin
< 10.2r152
CVE-2011-0558
CVE-2011-0559
CVE-2011-0560
CVE-2011-0561
CVE-2011-0571
CVE-2011-0572
CVE-2011-0573
CVE-2011-0574
CVE-2011-0575
CVE-2011-0577
CVE-2011-0578
CVE-2011-0607
CVE-2011-0608
http://www.adobe.com/support/security/bulletins/apsb11-02.html
|
76b597e4-e9c6-11df-9e10-001b2134ef46 | linux-flashplugin -- multiple vulnerabilities
Adobe Product Security Incident Response Team reports:
Critical vulnerabilities have been identified in
Adobe Flash Player 10.1.85.3 and earlier versions for
Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player
10.1.95.1 for Android. These vulnerabilities, including
CVE-2010-3654 referenced in Security Advisory APSA10-05,
could cause the application to crash and could potentially
allow an attacker to take control of the affected system.
Discovery 2010-09-28 Entry 2010-11-06 linux-flashplugin
< 9.0r289
linux-f8-flashplugin
linux-f10-flashplugin
< 10.1r102
CVE-2010-3636
CVE-2010-3637
CVE-2010-3638
CVE-2010-3639
CVE-2010-3640
CVE-2010-3641
CVE-2010-3642
CVE-2010-3643
CVE-2010-3644
CVE-2010-3645
CVE-2010-3646
CVE-2010-3647
CVE-2010-3648
CVE-2010-3649
CVE-2010-3650
CVE-2010-3652
CVE-2010-3654
CVE-2010-3676
http://www.adobe.com/support/security/bulletins/apsb10-26.html
http://www.adobe.com/support/security/advisories/apsa10-05.html
|
e19e74a4-a712-11df-b234-001b2134ef46 | linux-flashplugin -- multiple vulnerabilities
Adobe Product Security Incident Response Team reports:
Critical vulnerabilities have been identified in Adobe
Flash Player version 10.1.53.64 and earlier. These
vulnerabilities could cause the application to crash and
could potentially allow an attacker to take control of the
affected system.
Discovery 2010-01-06 Entry 2010-08-13 linux-flashplugin
< 9.0r280
linux-f8-flashplugin
linux-f10-flashplugin
< 10.1r82
CVE-2010-0209
CVE-2010-2188
CVE-2010-2213
CVE-2010-2214
CVE-2010-2215
CVE-2010-2216
http://www.adobe.com/support/security/bulletins/apsb10-16.html
|
144e524a-77eb-11df-ae06-001b2134ef46 | linux-flashplugin -- multiple vulnerabilities
Adobe Product Security Incident Response Team reports:
Critical vulnerabilities have been identified in Adobe
Flash Player version 10.0.45.2 and earlier. These
vulnerabilities could cause the application to crash and
could potentially allow an attacker to take control of the
affected system.
Discovery 2008-10-02 Entry 2010-06-14 linux-flashplugin
< 9.0r277
linux-f8-flashplugin
linux-f10-flashplugin
< 10.1r53
CVE-2008-4546
CVE-2009-3793
CVE-2010-1297
CVE-2010-2160
CVE-2010-2161
CVE-2010-2162
CVE-2010-2163
CVE-2010-2164
CVE-2010-2165
CVE-2010-2166
CVE-2010-2167
CVE-2010-2169
CVE-2010-2170
CVE-2010-2171
CVE-2010-2172
CVE-2010-2173
CVE-2010-2174
CVE-2010-2175
CVE-2010-2176
CVE-2010-2177
CVE-2010-2178
CVE-2010-2179
CVE-2010-2180
CVE-2010-2181
CVE-2010-2182
CVE-2010-2183
CVE-2010-2184
CVE-2010-2185
CVE-2010-2186
CVE-2010-2187
CVE-2010-2188
CVE-2010-2189
http://www.adobe.com/support/security/bulletins/apsb10-14.html
|
ff6519ad-18e5-11df-9bdd-001b2134ef46 | linux-flashplugin -- multiple vulnerabilities
Adobe Product Security Incident Response Team reports:
A critical vulnerability has been identified in Adobe
Flash Player version 10.0.42.34 and earlier. This
vulnerability (CVE-2010-0186) could subvert the domain sandbox
and make unauthorized cross-domain requests. This update also
resolves a potential Denial of Service issue (CVE-2010-0187).
Discovery 2010-02-11 Entry 2010-02-13 linux-flashplugin
< 9.0r262
linux-f8-flashplugin
linux-f10-flashplugin
< 10.0r45
CVE-2010-0186
CVE-2010-0187
http://www.adobe.com/support/security/bulletins/apsb10-06.html
|
3c1a672e-e508-11de-9f4a-001b2134ef46 | linux-flashplugin -- multiple vulnerabilities
Adobe Product Security Incident Response Team reports:
Critical vulnerabilities have been identified in Adobe
Flash Player version 10.0.32.18 and earlier. These
vulnerabilities could cause the application to crash and
could potentially allow an attacker to take control of the
affected system.
Discovery 2009-07-14 Entry 2009-12-09 linux-flashplugin
< 9.0r260
linux-f8-flashplugin
linux-f10-flashplugin
< 10.0r42
CVE-2009-3794
CVE-2009-3796
CVE-2009-3797
CVE-2009-3798
CVE-2009-3799
CVE-2009-3800
CVE-2009-3951
http://www.zerodayinitiative.com/advisories/ZDI-09-092/
http://www.zerodayinitiative.com/advisories/ZDI-09-093/
http://www.adobe.com/support/security/bulletins/apsb09-19.html
|
78f456fd-9c87-11dd-a55e-00163e000016 | linux-flashplugin -- multiple vulnerabilities
Adobe Product Security Incident Response Team reports:
Potential vulnerabilities have been identified in Adobe Flash
Player 9.0.124.0 and earlier that could allow an attacker who
successfully exploits these potential vulnerabilities to bypass
Flash Player security controls. Adobe recommends users update
to the most current version of Flash Player available for their
platform.
Discovery 2008-10-15 Entry 2008-10-17 linux-flashplugin
le 9.0r124_1
CVE-2007-6243
CVE-2008-3873
CVE-2007-4324
CVE-2008-4401
CVE-2008-4503
http://www.adobe.com/support/security/bulletins/apsb08-18.html
|
04c6187d-2d8f-11dd-98c9-00163e000016 | linux-flashplugin -- unspecified remote code execution vulnerability
Adobe Product Security Incident Response Team reports:
An exploit appears to be taking advantage of a known
vulnerability, reported by Mark Dowd of the ISS X-Force and wushi
of team509, that was resolved in Flash Player 9.0.124.0
(CVE-2007-0071). This exploit does NOT appear to include a new,
unpatched vulnerability as has been reported elsewhere - customers
with Flash Player 9.0.124.0 should not be vulnerable to this
exploit.
Discovery 2008-05-27 Entry 2008-05-30 linux-flashplugin
< 9.0r124
29386
CVE-2007-0071
http://blogs.adobe.com/psirt/
|
b42e8c32-34f6-11dc-9bc9-001921ab2fa4 | linux-flashplugin -- critical vulnerabilities
Adobe reports:
Critical vulnerabilities have been identified in
Adobe Flash Player that could allow an attacker who
successfully exploits these potential vulnerabilities
to take control of the affected system. A malicious
SWF must be loaded in Flash Player by the user for
an attacker to exploit these potential vulnerabilities.
Discovery 2007-07-10 Entry 2007-07-18 linux-flashplugin
gt 9.0 le 9.0r45
gt 8.0 le 8.0r34
le 7.0r69
CVE-2007-2022
CVE-2007-3456
CVE-2007-3457
|
7c75d48c-429b-11db-afae-000c6ec775d9 | linux-flashplugin7 -- arbitrary code execution vulnerabilities
Adobe reports:
Multiple input validation errors have been identified in
Flash Player 8.0.24.0 and earlier versions that could lead
to the potential execution of arbitrary code. These
vulnerabilities could be accessed through content
delivered from a remote location via the user?s web
browser, email client, or other applications that include
or reference the Flash Player. (CVE-2006-3311,
CVE-2006-3587, CVE-2006-3588)
These updates include changes to prevent circumvention of
the "allowScriptAccess" option. (CVE-2006-4640)
Discovery 2006-09-12 Entry 2006-09-12 linux-flashplugin
< 7.0r68
CVE-2006-3311
CVE-2006-3587
CVE-2006-3588
CVE-2006-4640
http://www.adobe.com/support/security/bulletins/apsb06-11.html
|
83421018-b3ef-11da-a32d-000c6ec775d9 | linux-flashplugin -- arbitrary code execution vulnerability
Adobe reports:
Critical vulnerabilities have been identified in Flash
Player that could allow an attacker who successfully
exploits these vulnerabilities to take control of the
affected system. A malicious SWF must be loaded in Flash
Player by the user for an attacker to exploit these
vulnerabilities.
Flash Player 8 update (8.0.24.0), and Flash Player 7
update (7.0.63.0) address security vulnerabilities in
previous versions of Flash Player, which could lead to the
potential execution of arbitrary code. These
vulnerabilities could be accessed through content
delivered from a remote location via the users web
browser, email client, or other applications that include
or reference the Flash Player.
Discovery 2006-03-14 Entry 2006-03-15 linux-flashplugin
< 7.0r63
CVE-2006-0024
http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html
|