«
Expand/Collapse
353 items tagged "adobe flash player"
Related tags:
zero [+],
player versions [+],
logic error [+],
gentoo linux security [+],
vulnerability [+],
linux [+],
gentoo [+],
stack overflow [+],
overflow vulnerability [+],
denial of service [+],
initiative [+],
information disclosure vulnerability [+],
arbitrary code [+],
memory corruption [+],
exploits [+],
command execution [+],
arbitrary code execution [+],
security [+],
security advisory [+],
remote security [+],
remote [+],
media logic [+],
flash player 10 [+],
display [+],
class [+],
vupen [+],
update [+],
swf player [+],
sp3 [+],
shell metacharacters [+],
sequenceparametersetnalunit [+],
security restrictions [+],
security research [+],
security problem [+],
security control [+],
scroll [+],
research [+],
problem [+],
order [+],
nuclear situation [+],
method [+],
memory region [+],
memory copy [+],
iran [+],
even internet [+],
copy operations [+],
code versions [+],
code [+],
bulletin [+],
buffer overflow [+],
avm [+],
apple security [+],
adobe website [+],
adobe systems inc [+],
adobe shockwave player [+],
adobe reader [+],
action script [+],
acros [+],
acrobat adobe [+],
red hat security [+],
code execution [+],
virtual machine [+],
safer use [+],
reader [+],
read [+],
integer overflow [+],
idefense security advisory [+],
idefense [+],
exploit [+],
bugtraq [+],
ExploitsVulnerabilities [+],
web browser plug [+],
advisory [+],
zdi [+],
vulnerability research [+],
vulnerabilities [+],
stack buffer [+],
service vulnerability [+],
overflow code [+],
overflow [+],
image processing [+],
heap [+],
great reputation [+],
glsa [+],
darknet [+],
critical vulnerability [+],
buffer overflow vulnerability [+],
buffer overflow vulnerabilities [+],
binary [+],
aspr [+],
adobe [+],
secunia [+],
integer overflow vulnerability [+],
flash [+],
player [+],
swf [+],
s system [+],
zero day [+],
day [+],
user,
uri parsing,
txt,
retired,
pub,
opcode,
null pointer,
multiple,
memory consumption,
kil,
jpeg data,
invalid pointer,
hijacking,
heap memory,
fg vd,
dll,
decompression routines,
adobe products,
adobe flash player 10,
acrobat,
0 day
-
-
19:22
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0688-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB12-09, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the specially-crafted SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.183.19.
-
19:22
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0688-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB12-09, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the specially-crafted SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.183.19.
-
19:22
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0688-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB12-09, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the specially-crafted SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.183.19.
-
-
15:26
»
Packet Storm Security Advisories
Apple Security Advisory 2012-05-14-2 - This update disables Adobe Flash Player if it is older than 10.1.102.64 by moving its files to a new directory. This update presents the option to install an updated version of Flash Player from the Adobe website.
-
15:26
»
Packet Storm Security Recent Files
Apple Security Advisory 2012-05-14-2 - This update disables Adobe Flash Player if it is older than 10.1.102.64 by moving its files to a new directory. This update presents the option to install an updated version of Flash Player from the Adobe website.
-
15:26
»
Packet Storm Security Misc. Files
Apple Security Advisory 2012-05-14-2 - This update disables Adobe Flash Player if it is older than 10.1.102.64 by moving its files to a new directory. This update presents the option to install an updated version of Flash Player from the Adobe website.
-
-
21:16
»
Packet Storm Security Advisories
Secunia Security Advisory - A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
-
-
22:57
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in Adobe Flash Player for Linux, version 10.0.12.36 and 9.0.151.0 and prior. An input validation vulnerability allows command execution when the browser loads a SWF file which contains shell metacharacters in the arguments to the ActionScript launch method. The victim must have Adobe AIR installed for the exploit to work. This Metasploit module was tested against version 10.0.12.36 (10r12_36).
-
22:57
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability in Adobe Flash Player for Linux, version 10.0.12.36 and 9.0.151.0 and prior. An input validation vulnerability allows command execution when the browser loads a SWF file which contains shell metacharacters in the arguments to the ActionScript launch method. The victim must have Adobe AIR installed for the exploit to work. This Metasploit module was tested against version 10.0.12.36 (10r12_36).
-
22:57
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability in Adobe Flash Player for Linux, version 10.0.12.36 and 9.0.151.0 and prior. An input validation vulnerability allows command execution when the browser loads a SWF file which contains shell metacharacters in the arguments to the ActionScript launch method. The victim must have Adobe AIR installed for the exploit to work. This Metasploit module was tested against version 10.0.12.36 (10r12_36).
-
6:19
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. The vulnerability is caused by an invalid object being used when parsing a malformed video via "NetStream.appendBytes", which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP enabled.
-
-
0:24
»
Packet Storm Security Advisories
Gentoo Linux Security Advisory 201204-7 - Multiple vulnerabilities in Adobe Flash Player, the worst of which might allow remote attackers to execute arbitrary code. Versions less than 11.2.202.228 are affected.
-
0:24
»
Packet Storm Security Recent Files
Gentoo Linux Security Advisory 201204-7 - Multiple vulnerabilities in Adobe Flash Player, the worst of which might allow remote attackers to execute arbitrary code. Versions less than 11.2.202.228 are affected.
-
0:24
»
Packet Storm Security Misc. Files
Gentoo Linux Security Advisory 201204-7 - Multiple vulnerabilities in Adobe Flash Player, the worst of which might allow remote attackers to execute arbitrary code. Versions less than 11.2.202.228 are affected.
-
-
21:30
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-057 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Flash Player handles the update of a NetStream object via the appendBytes method which can lead to a use-after-free condition when the function returns. This can result in remote code execution under the context of the current process.
-
21:30
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 12-057 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Flash Player handles the update of a NetStream object via the appendBytes method which can lead to a use-after-free condition when the function returns. This can result in remote code execution under the context of the current process.
-
21:30
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 12-057 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Flash Player handles the update of a NetStream object via the appendBytes method which can lead to a use-after-free condition when the function returns. This can result in remote code execution under the context of the current process.
-
21:25
»
Packet Storm Security Exploits
Adobe Flash Player versions prior to 10.3.183.16 and 11.x before 11.1.102.63 suffer from an information disclosure vulnerability. This archive has research related to this issue, proof of concept source code, and a swf that demonstrates the issue.
-
21:25
»
Packet Storm Security Recent Files
Adobe Flash Player versions prior to 10.3.183.16 and 11.x before 11.1.102.63 suffer from an information disclosure vulnerability. This archive has research related to this issue, proof of concept source code, and a swf that demonstrates the issue.
-
21:25
»
Packet Storm Security Misc. Files
Adobe Flash Player versions prior to 10.3.183.16 and 11.x before 11.1.102.63 suffer from an information disclosure vulnerability. This archive has research related to this issue, proof of concept source code, and a swf that demonstrates the issue.
-
-
2:50
»
Packet Storm Security Advisories
Secunia Security Advisory - Two vulnerabilities have been reported in Adobe Flash Player and Adobe AIR, which can be exploited by malicious people to compromise a user's system.
-
-
16:51
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0434-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB12-07, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the specially-crafted SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.183.18.
-
16:51
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0434-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB12-07, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the specially-crafted SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.183.18.
-
16:51
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0434-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB12-07, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the specially-crafted SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.183.18.
-
-
18:05
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability found in Adobe Flash Player. By supplying a corrupt .mp4 file loaded by Flash, it is possible to gain arbitrary remote code execution under the context of the user. This vulnerability has been exploited in the wild as part of the "Iran's Oil and Nuclear Situation.doc" phishing campaign.
-
18:05
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability found in Adobe Flash Player. By supplying a corrupt .mp4 file loaded by Flash, it is possible to gain arbitrary remote code execution under the context of the user. This vulnerability has been exploited in the wild as part of the "Iran's Oil and Nuclear Situation.doc" phishing campaign.
-
18:05
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability found in Adobe Flash Player. By supplying a corrupt .mp4 file loaded by Flash, it is possible to gain arbitrary remote code execution under the context of the user. This vulnerability has been exploited in the wild as part of the "Iran's Oil and Nuclear Situation.doc" phishing campaign.
-
0:39
»
Packet Storm Security Advisories
Secunia Security Advisory - Some vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to gain knowledge of potentially sensitive information or compromise a user's system.
-
-
15:59
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0359-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes two vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB12-05, listed in the References section. A flaw was found in the way flash-plugin displayed certain SWF content. An attacker could use this flaw to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
-
15:59
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0359-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes two vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB12-05, listed in the References section. A flaw was found in the way flash-plugin displayed certain SWF content. An attacker could use this flaw to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
-
15:59
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0359-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes two vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB12-05, listed in the References section. A flaw was found in the way flash-plugin displayed certain SWF content. An attacker could use this flaw to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
-
-
19:06
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0144-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB12-03, listed in the References section. Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
-
19:06
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0144-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB12-03, listed in the References section. Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
-
19:06
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0144-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB12-03, listed in the References section. Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
-
-
23:06
»
Packet Storm Security Advisories
Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.
-
-
14:32
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability found in Adobe Flash Player's Flash10u.ocx component. When processing a MP4 file (specifically the Sequence Parameter Set), Flash will see if pic_order_cnt_type is equal to 1, which sets the num_ref_frames_in_pic_order_cnt_cycle field, and then blindly copies data in offset_for_ref_frame on the stack, which allows arbitrary remote code execution under the context of the user. Numerous reports also indicate that this vulnerability has been exploited in the wild. Please note that the exploit requires a SWF media player in order to trigger the bug, which currently isn't included in the framework. However, software such as Longtail SWF Player is free for non-commercial use, and is easily obtainable.
-
14:32
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability found in Adobe Flash Player's Flash10u.ocx component. When processing a MP4 file (specifically the Sequence Parameter Set), Flash will see if pic_order_cnt_type is equal to 1, which sets the num_ref_frames_in_pic_order_cnt_cycle field, and then blindly copies data in offset_for_ref_frame on the stack, which allows arbitrary remote code execution under the context of the user. Numerous reports also indicate that this vulnerability has been exploited in the wild. Please note that the exploit requires a SWF media player in order to trigger the bug, which currently isn't included in the framework. However, software such as Longtail SWF Player is free for non-commercial use, and is easily obtainable.
-
14:32
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability found in Adobe Flash Player's Flash10u.ocx component. When processing a MP4 file (specifically the Sequence Parameter Set), Flash will see if pic_order_cnt_type is equal to 1, which sets the num_ref_frames_in_pic_order_cnt_cycle field, and then blindly copies data in offset_for_ref_frame on the stack, which allows arbitrary remote code execution under the context of the user. Numerous reports also indicate that this vulnerability has been exploited in the wild. Please note that the exploit requires a SWF media player in order to trigger the bug, which currently isn't included in the framework. However, software such as Longtail SWF Player is free for non-commercial use, and is easily obtainable.
-
7:55
»
Packet Storm Security Exploits
Adobe Flash Player MP4 SequenceParameterSetNALUnit remote code execution exploit that works against versions 10.3.181.34 and below on XP SP3.
-
-
3:29
»
Packet Storm Security Advisories
Secunia Security Advisory - Oracle has acknowledged multiple vulnerabilities in Adobe Flash Player included in Solaris, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.
-
-
18:39
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
13:29
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Flash Player.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
7:46
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1445-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB11-28, listed in the References section. Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
-
7:46
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1445-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB11-28, listed in the References section. Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
-
7:46
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1445-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB11-28, listed in the References section. Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
-
-
7:21
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1434-01 - This update fixes multiple security flaws in Adobe Reader. A PDF file with an embedded, specially-crafted SWF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. A flaw in Adobe Flash Player could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially-crafted web page. Various other issues were also addressed.
-
7:21
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1434-01 - This update fixes multiple security flaws in Adobe Reader. A PDF file with an embedded, specially-crafted SWF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. A flaw in Adobe Flash Player could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially-crafted web page. Various other issues were also addressed.
-
7:21
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1434-01 - This update fixes multiple security flaws in Adobe Reader. A PDF file with an embedded, specially-crafted SWF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. A flaw in Adobe Flash Player could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially-crafted web page. Various other issues were also addressed.
-
-
23:03
»
Packet Storm Security Advisories
Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.
-
-
15:44
»
SecuriTeam
Remote exploitation of an integer overflow vulnerability in Adobe Systems Inc.'s Flash Player could allow an attacker to execute arbitrary code with the privileges of the current user.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
2:45
»
Packet Storm Security Advisories
Secunia Security Advisory - Oracle has acknowledged multiple vulnerabilities in Adobe Flash Player included in Solaris, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, and compromise a user's system.
-
-
23:16
»
Packet Storm Security Advisories
Gentoo Linux Security Advisory 201110-11 - Multiple vulnerabilities in Adobe Flash Player might allow remote attackers to execute arbitrary code or cause a denial of service. Versions less than 10.3.183.10 are affected.
-
23:16
»
Packet Storm Security Recent Files
Gentoo Linux Security Advisory 201110-11 - Multiple vulnerabilities in Adobe Flash Player might allow remote attackers to execute arbitrary code or cause a denial of service. Versions less than 10.3.183.10 are affected.
-
23:16
»
Packet Storm Security Misc. Files
Gentoo Linux Security Advisory 201110-11 - Multiple vulnerabilities in Adobe Flash Player might allow remote attackers to execute arbitrary code or cause a denial of service. Versions less than 10.3.183.10 are affected.
-
-
6:33
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1333-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB11-26, listed in the References section. Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
-
6:33
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1333-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB11-26, listed in the References section. Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
-
6:33
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1333-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB11-26, listed in the References section. Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
-
-
20:17
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-276 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the sequenceParameterSetNALUnit component. When handling the num_ref_frames_in_pic_order_cnt_cycle value the size is not validated and the process blindly copies user supplied data from offset_for_ref_frame into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
-
20:17
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-276 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the sequenceParameterSetNALUnit component. When handling the num_ref_frames_in_pic_order_cnt_cycle value the size is not validated and the process blindly copies user supplied data from offset_for_ref_frame into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
-
20:17
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-276 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the sequenceParameterSetNALUnit component. When handling the num_ref_frames_in_pic_order_cnt_cycle value the size is not validated and the process blindly copies user supplied data from offset_for_ref_frame into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
-
-
3:50
»
Packet Storm Security Advisories
Secunia Security Advisory - Oracle has acknowledged two vulnerabilities in Adobe Flash Player included in Solaris, which can be exploited by malicious people to compromise a user's system.
-
-
13:24
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-253 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code responsible for evaluating the scroll method of the Actionscript Bitmap class. The function that uses the parameters to the scroll method performs arithmetic using data from the instantiated Bitmap object. By creating a Bitmap with certain integer values and subsequently calling the scroll method with other large integer values it is possible to force an integer wrap to occur. The resulting value is utilized to calculate a pointer which is operated upon by memory copy operations. By crafting specific values this issue can be exploited to execute remote code in the context of the user running the browser.
-
13:24
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-253 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code responsible for evaluating the scroll method of the Actionscript Bitmap class. The function that uses the parameters to the scroll method performs arithmetic using data from the instantiated Bitmap object. By creating a Bitmap with certain integer values and subsequently calling the scroll method with other large integer values it is possible to force an integer wrap to occur. The resulting value is utilized to calculate a pointer which is operated upon by memory copy operations. By crafting specific values this issue can be exploited to execute remote code in the context of the user running the browser.
-
13:24
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-253 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code responsible for evaluating the scroll method of the Actionscript Bitmap class. The function that uses the parameters to the scroll method performs arithmetic using data from the instantiated Bitmap object. By creating a Bitmap with certain integer values and subsequently calling the scroll method with other large integer values it is possible to force an integer wrap to occur. The resulting value is utilized to calculate a pointer which is operated upon by memory copy operations. By crafting specific values this issue can be exploited to execute remote code in the context of the user running the browser.
-
-
21:36
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1144-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB11-21, listed in the References section. Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
-
21:36
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-1144-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB11-21, listed in the References section. Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
-
21:36
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-1144-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB11-21, listed in the References section. Multiple security flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially-crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the specially-crafted SWF content.
-
1:16
»
Packet Storm Security Advisories
Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.
-
-
1:12
»
Packet Storm Security Advisories
Secunia Security Advisory - Oracle has acknowledged multiple vulnerabilities in Adobe Flash Player included in Solaris, which can be exploited by malicious people to disclose potentially sensitive information and compromise a user's system.
-
-
3:27
»
Packet Storm Security Advisories
Technical Cyber Security Alert 2011-166A - Adobe has released Security Bulletin APSB11-16, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat. Adobe has released Security Bulletin APSB11-17, which describes multiple vulnerabilities affecting Adobe Shockwave Player. Adobe has released Security Bulletin APSB11-18, which describes multiple vulnerabilities affecting Adobe Flash Player.
-
3:27
»
Packet Storm Security Recent Files
Technical Cyber Security Alert 2011-166A - Adobe has released Security Bulletin APSB11-16, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat. Adobe has released Security Bulletin APSB11-17, which describes multiple vulnerabilities affecting Adobe Shockwave Player. Adobe has released Security Bulletin APSB11-18, which describes multiple vulnerabilities affecting Adobe Flash Player.
-
3:27
»
Packet Storm Security Misc. Files
Technical Cyber Security Alert 2011-166A - Adobe has released Security Bulletin APSB11-16, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat. Adobe has released Security Bulletin APSB11-17, which describes multiple vulnerabilities affecting Adobe Shockwave Player. Adobe has released Security Bulletin APSB11-18, which describes multiple vulnerabilities affecting Adobe Flash Player.
-
-
19:14
»
Packet Storm Security Advisories
Secunia Security Advisory - A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
-
5:31
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-0869-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB11-18, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.181.26. Various other issues were also addressed.
-
5:31
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-0869-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB11-18, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.181.26. Various other issues were also addressed.
-
5:31
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-0869-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB11-18, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.181.26. Various other issues were also addressed.
-
-
18:41
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-0850 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB11-13, listed in the References section. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.181.22 Various other issues were also addressed.
-
18:41
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2011-0850 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB11-13, listed in the References section. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.181.22 Various other issues were also addressed.
-
18:41
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2011-0850 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB11-13, listed in the References section. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.181.22 Various other issues were also addressed.
-
-
21:40
»
Packet Storm Security Advisories
Secunia Security Advisory - A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to conduct cross-site scripting attacks.
-
-
21:04
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
4:27
»
Packet Storm Security Advisories
Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to disclose potentially sensitive information and compromise a user's system.
-
-
10:04
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in Adobe Flash Player that was discovered, and has been exploited actively in the wild. By embedding a specially crafted .swf file, Adobe Flash crashes due to an invalid use of an object type, which allows attackers to overwrite a pointer in memory, and results arbitrary code execution.
-
10:04
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability in Adobe Flash Player that was discovered, and has been exploited actively in the wild. By embedding a specially crafted .swf file, Adobe Flash crashes due to an invalid use of an object type, which allows attackers to overwrite a pointer in memory, and results arbitrary code execution.
-
10:04
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability in Adobe Flash Player that was discovered, and has been exploited actively in the wild. By embedding a specially crafted .swf file, Adobe Flash crashes due to an invalid use of an object type, which allows attackers to overwrite a pointer in memory, and results arbitrary code execution.
-
-
23:16
»
Packet Storm Security Advisories
Secunia Security Advisory - A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
-
-
22:56
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in AVM2 action script virtual machine used in Adobe Flash Player versions 9.0 through 10. The AVM fails to properly verify bytecode streams prior to executing it. This can cause uninitialized memory to be executed. Utilizing heap spraying techniques to control the uninitialized memory region it is possible to execute arbitrary code. Typically Flash Player is not used as a standalone application. Often, SWF files are embedded in other file formats or specifically loaded via a web browser. Malcode was discovered in the wild which embedded a malformed SWF file within an Excel spreadsheet. This exploit is based off the byte stream found within that malcode sample.
-
22:56
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability in AVM2 action script virtual machine used in Adobe Flash Player versions 9.0 through 10. The AVM fails to properly verify bytecode streams prior to executing it. This can cause uninitialized memory to be executed. Utilizing heap spraying techniques to control the uninitialized memory region it is possible to execute arbitrary code. Typically Flash Player is not used as a standalone application. Often, SWF files are embedded in other file formats or specifically loaded via a web browser. Malcode was discovered in the wild which embedded a malformed SWF file within an Excel spreadsheet. This exploit is based off the byte stream found within that malcode sample.
-
22:56
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability in AVM2 action script virtual machine used in Adobe Flash Player versions 9.0 through 10. The AVM fails to properly verify bytecode streams prior to executing it. This can cause uninitialized memory to be executed. Utilizing heap spraying techniques to control the uninitialized memory region it is possible to execute arbitrary code. Typically Flash Player is not used as a standalone application. Often, SWF files are embedded in other file formats or specifically loaded via a web browser. Malcode was discovered in the wild which embedded a malformed SWF file within an Excel spreadsheet. This exploit is based off the byte stream found within that malcode sample.
-
-
5:36
»
Packet Storm Security Advisories
Secunia Security Advisory - Oracle has acknowledged multiple vulnerabilities in Adobe Flash Player included in Solaris, which can be exploited by malicious people to compromise a user's system.
-
-
23:15
»
Packet Storm Security Advisories
Secunia Security Advisory - A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
-
-
20:55
»
SecuriTeam
Remote exploitation of a memory corruption vulnerability in Adobe Systems Inc.'s Flash Player could allow an attacker to execute arbitrary code with the privileges of the current user.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
20:55
»
SecuriTeam
Remote exploitation of an integer overflow vulnerability in Adobe Systems Inc.'s Flash Player could allow an attacker to execute arbitrary code with the privileges of the current user.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
11:22
»
Packet Storm Security Advisories
ACROS Security Problem Report #2011-02-11-2 - A binary planting vulnerability in Adobe Flash Player allows local or remote (even Internet-based) attackers to deploy and execute malicious code on Windows machines in the context of logged-on users.
-
11:22
»
Packet Storm Security Recent Files
ACROS Security Problem Report #2011-02-11-2 - A binary planting vulnerability in Adobe Flash Player allows local or remote (even Internet-based) attackers to deploy and execute malicious code on Windows machines in the context of logged-on users.
-
11:22
»
Packet Storm Security Misc. Files
ACROS Security Problem Report #2011-02-11-2 - A binary planting vulnerability in Adobe Flash Player allows local or remote (even Internet-based) attackers to deploy and execute malicious code on Windows machines in the context of logged-on users.
-
-
1:16
»
Packet Storm Security Advisories
Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
-
-
17:29
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-081 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within construction of a specific ActionScript3 object. Due to improper type checking in the implementation of the constructor, an alternative type can be provided as an argument to the constructor and stored as a property. When this object is applied to a bitmap copy, the application will corrupt memory. This can lead to code execution under the context of the application.
-
17:29
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-081 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within construction of a specific ActionScript3 object. Due to improper type checking in the implementation of the constructor, an alternative type can be provided as an argument to the constructor and stored as a property. When this object is applied to a bitmap copy, the application will corrupt memory. This can lead to code execution under the context of the application.
-
17:29
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-081 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within construction of a specific ActionScript3 object. Due to improper type checking in the implementation of the constructor, an alternative type can be provided as an argument to the constructor and stored as a property. When this object is applied to a bitmap copy, the application will corrupt memory. This can lead to code execution under the context of the application.
-
-
13:15
»
Packet Storm Security Advisories
Gentoo Linux Security Advisory 201101-9 - Multiple vulnerabilities in Adobe Flash Player might allow remote attackers to execute arbitrary code or cause a Denial of Service. Versions less than 10.1.102.64 are affected.
-
13:15
»
Packet Storm Security Recent Files
Gentoo Linux Security Advisory 201101-9 - Multiple vulnerabilities in Adobe Flash Player might allow remote attackers to execute arbitrary code or cause a Denial of Service. Versions less than 10.1.102.64 are affected.
-
13:15
»
Packet Storm Security Misc. Files
Gentoo Linux Security Advisory 201101-9 - Multiple vulnerabilities in Adobe Flash Player might allow remote attackers to execute arbitrary code or cause a Denial of Service. Versions less than 10.1.102.64 are affected.
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
BackTrack Linux Forums
Threatpost
SecDocs
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Hack a Day
Wirevolution