Executive Summary
Summary | |
---|---|
Title | Adobe Flash Player: Multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | GLSA-201409-05 | First vendor Publication | 2014-09-19 |
Vendor | Gentoo | Last vendor Modification | 2014-09-19 |
Severity (Vendor) | Normal | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Background Description Impact Workaround Resolution References Availability http://security.gentoo.org/glsa/glsa-201409-05.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-201409-05.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
80 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
20 % | CWE-264 | Permissions, Privileges, and Access Controls |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:26301 | |||
Oval ID: | oval:org.mitre.oval:def:26301 | ||
Title: | Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) | ||
Description: | Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, and CVE-2014-0555. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0552 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Adobe AIR Adobe Flash Player ActiveX Control |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26312 | |||
Oval ID: | oval:org.mitre.oval:def:26312 | ||
Title: | Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) (CVE-2014-0550) | ||
Description: | Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0550 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Adobe AIR Adobe Flash Player ActiveX Control |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26434 | |||
Oval ID: | oval:org.mitre.oval:def:26434 | ||
Title: | Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) (CVE-2014-0547) | ||
Description: | Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0547 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Adobe AIR Adobe Flash Player ActiveX Control |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26551 | |||
Oval ID: | oval:org.mitre.oval:def:26551 | ||
Title: | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allows attackers to execute arbitrary code via unspecified vectors | ||
Description: | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0553 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Adobe AIR Adobe Flash Player ActiveX Control |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26603 | |||
Oval ID: | oval:org.mitre.oval:def:26603 | ||
Title: | Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allows allow attackers to bypass intended access restrictions | ||
Description: | Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, and CVE-2014-0552. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0555 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Adobe AIR Adobe Flash Player ActiveX Control |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26616 | |||
Oval ID: | oval:org.mitre.oval:def:26616 | ||
Title: | Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allows attackers to execute arbitrary code | ||
Description: | Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0556. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0559 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Adobe AIR Adobe Flash Player ActiveX Control |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26668 | |||
Oval ID: | oval:org.mitre.oval:def:26668 | ||
Title: | Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allows allow attackers to bypass intended access restrictions | ||
Description: | Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to bypass intended access restrictions via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0554 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Adobe AIR Adobe Flash Player ActiveX Control |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26690 | |||
Oval ID: | oval:org.mitre.oval:def:26690 | ||
Title: | RHSA-2014:1173: flash-plugin security update (Critical) | ||
Description: | The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-21, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556, CVE-2014-0557, CVE-2014-0559) A flaw in flash-plugin could allow an attacker to bypass the same-origin policy. (CVE-2014-0548) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.406. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2014:1173-00 CVE-2014-0547 CVE-2014-0548 CVE-2014-0549 CVE-2014-0550 CVE-2014-0551 CVE-2014-0552 CVE-2014-0553 CVE-2014-0554 CVE-2014-0555 CVE-2014-0556 CVE-2014-0557 CVE-2014-0559 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 | Product(s): | flash-plugin |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26694 | |||
Oval ID: | oval:org.mitre.oval:def:26694 | ||
Title: | SUSE-SU-2014:1124-1 -- Security update for flash-player | ||
Description: | Adobe Flash Player has been updated to 11.2.202.406 which fixes various security issues. These updates: * resolve a memory leakage vulnerability that could have been used to bypass memory address randomization (CVE-2014-0557). * resolve a security bypass vulnerability (CVE-2014-0554). * resolve a use-after-free vulnerability that could have lead to code execution (CVE-2014-0553). * resolve memory corruption vulnerabilities that could have lead to code execution (CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0555). * resolve a vulnerability that could have been used to bypass the same origin policy (CVE-2014-0548). * resolve a heap buffer overflow vulnerability that could have lead to code execution (CVE-2014-0556, CVE-2014-0559). More information can be found on http://helpx.adobe.com/security/products/flash-player/apsb14-21.html <http://helpx.adobe.com/security/products/flash-player/apsb14-21.html> Security Issues: * CVE-2014-0547 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0547> * CVE-2014-0548 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0548> * CVE-2014-0549 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0549> * CVE-2014-0550 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0550> * CVE-2014-0551 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0551> * CVE-2014-0552 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0552> * CVE-2014-0553 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0553> * CVE-2014-0554 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0554> * CVE-2014-0555 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0555> * CVE-2014-0556 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0556> * CVE-2014-0557 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0557> * CVE-2014-0559 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0559> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1124-1 CVE-2014-0557 CVE-2014-0554 CVE-2014-0553 CVE-2014-0547 CVE-2014-0549 CVE-2014-0550 CVE-2014-0551 CVE-2014-0552 CVE-2014-0555 CVE-2014-0548 CVE-2014-0556 CVE-2014-0559 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Desktop 11 | Product(s): | flash-player |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:26708 | |||
Oval ID: | oval:org.mitre.oval:def:26708 | ||
Title: | Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) (CVE-2014-0551) | ||
Description: | Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0552, and CVE-2014-0555. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0551 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Adobe AIR Adobe Flash Player ActiveX Control |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26758 | |||
Oval ID: | oval:org.mitre.oval:def:26758 | ||
Title: | Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism | ||
Description: | Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0557 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Adobe AIR Adobe Flash Player ActiveX Control |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26807 | |||
Oval ID: | oval:org.mitre.oval:def:26807 | ||
Title: | Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allow remote attackers to bypass the Same Origin Policy (CVE-2014-0548) | ||
Description: | Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow remote attackers to bypass the Same Origin Policy via unspecified vectors. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0548 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Adobe AIR Adobe Flash Player ActiveX Control |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26813 | |||
Oval ID: | oval:org.mitre.oval:def:26813 | ||
Title: | Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allows allow attackers to bypass intended access restrictions | ||
Description: | Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0559. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0556 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Adobe AIR Adobe Flash Player ActiveX Control |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:26818 | |||
Oval ID: | oval:org.mitre.oval:def:26818 | ||
Title: | Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows, Adobe AIR before 15.0.0.249 on Windows allow attackers to execute arbitrary code or cause a denial of service (memory corruption) (CVE-2014-0549) | ||
Description: | Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2014-0549 | Version: | 6 |
Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Adobe AIR Adobe Flash Player ActiveX Control |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Snort® IPS/IDS
Date | Description |
---|---|
2016-03-22 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 37711 - Revision : 3 - Type : FILE-FLASH |
2016-03-22 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 37710 - Revision : 2 - Type : FILE-FLASH |
2016-03-22 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 37709 - Revision : 1 - Type : FILE-FLASH |
2016-03-22 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 37708 - Revision : 1 - Type : FILE-FLASH |
2016-03-15 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 37645 - Revision : 2 - Type : FILE-FLASH |
2016-03-15 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 37644 - Revision : 1 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 36177 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 36176 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 36175 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 36174 - Revision : 3 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 36173 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 36172 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 36171 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 36170 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 36169 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 36168 - Revision : 3 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 36167 - Revision : 3 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 36166 - Revision : 3 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 36165 - Revision : 4 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 36164 - Revision : 3 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 36163 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 36162 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 36161 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 36160 - Revision : 2 - Type : FILE-FLASH |
2015-06-23 | Adobe Flash Player same origin policy security bypass attempt RuleID : 34495 - Revision : 4 - Type : FILE-FLASH |
2015-06-23 | Adobe Flash Player same origin policy security bypass attempt RuleID : 34494 - Revision : 4 - Type : FILE-FLASH |
2015-06-23 | Adobe Flash Player same origin policy security bypass attempt RuleID : 34493 - Revision : 4 - Type : FILE-FLASH |
2015-06-23 | Adobe Flash Player same origin policy security bypass attempt RuleID : 34492 - Revision : 4 - Type : FILE-FLASH |
2015-04-30 | Nuclear exploit kit obfuscated file download RuleID : 33983 - Revision : 5 - Type : EXPLOIT-KIT |
2015-04-30 | Nuclear exploit kit landing page detected RuleID : 33982 - Revision : 3 - Type : EXPLOIT-KIT |
2015-04-30 | Nuclear exploit kit flash file download RuleID : 33981 - Revision : 4 - Type : EXPLOIT-KIT |
2015-02-24 | Adobe Flash Player RTMP out-of-bounds read attempt RuleID : 33164 - Revision : 3 - Type : FILE-FLASH |
2015-01-15 | Adobe Flash Player corrupt MP4 video denial of service attempt RuleID : 32818 - Revision : 8 - Type : FILE-FLASH |
2015-01-15 | Adobe Flash Player corrupt MP4 video denial of service attempt RuleID : 32817 - Revision : 8 - Type : FILE-FLASH |
2014-12-23 | Adobe Flash Player malformed third component in color JPEG information leak a... RuleID : 32597 - Revision : 2 - Type : FILE-FLASH |
2014-12-23 | Adobe Flash Player malformed third component in color JPEG information leak a... RuleID : 32596 - Revision : 2 - Type : FILE-FLASH |
2014-12-23 | Adobe Flash Player malformed second component in color JPEG information leak ... RuleID : 32595 - Revision : 2 - Type : FILE-FLASH |
2014-12-23 | Adobe Flash Player malformed second component in color JPEG information leak ... RuleID : 32594 - Revision : 2 - Type : FILE-FLASH |
2014-12-23 | Adobe Flash Player malformed JPEG information leak attempt RuleID : 32593 - Revision : 3 - Type : FILE-FLASH |
2014-12-23 | Adobe Flash Player malformed JPEG information leak attempt RuleID : 32592 - Revision : 3 - Type : FILE-FLASH |
2014-12-23 | Adobe Flash Player malformed greyscale JPEG information leak attempt RuleID : 32591 - Revision : 2 - Type : FILE-FLASH |
2014-12-23 | Adobe Flash Player malformed greyscale JPEG information leak attempt RuleID : 32590 - Revision : 2 - Type : FILE-FLASH |
2014-12-18 | Adobe Flash Player string concatenation integer overflow attempt RuleID : 32576 - Revision : 3 - Type : FILE-FLASH |
2014-12-18 | Adobe Flash Player string concatenation integer overflow attempt RuleID : 32575 - Revision : 3 - Type : FILE-FLASH |
2014-12-18 | Adobe Flash Player string concatenation integer overflow attempt RuleID : 32574 - Revision : 2 - Type : FILE-FLASH |
2014-12-18 | Adobe Flash Player string concatenation integer overflow attempt RuleID : 32573 - Revision : 3 - Type : FILE-FLASH |
2014-12-18 | Adobe Flash Player string concatenation integer overflow attempt RuleID : 32572 - Revision : 3 - Type : FILE-FLASH |
2014-12-18 | Adobe Flash Player string concatenation integer overflow attempt RuleID : 32571 - Revision : 3 - Type : FILE-FLASH |
2014-12-18 | Adobe Flash Player malformed ATF header integer overflow attempt RuleID : 32570 - Revision : 3 - Type : FILE-FLASH |
2014-12-18 | Adobe Flash Player malformed ATF header integer overflow attempt RuleID : 32569 - Revision : 2 - Type : FILE-FLASH |
2014-12-18 | Adobe Flash Player malformed ATF header integer overflow attempt RuleID : 32568 - Revision : 3 - Type : FILE-FLASH |
2014-12-18 | Adobe Flash Player malformed ATF header integer overflow attempt RuleID : 32567 - Revision : 2 - Type : FILE-FLASH |
2014-11-16 | Adobe Flash Player integer overflow out-of-bounds read attempt RuleID : 32100 - Revision : 2 - Type : FILE-OTHER |
2014-11-16 | Adobe Flash Player integer overflow out-of-bounds read attempt RuleID : 32099 - Revision : 2 - Type : FILE-OTHER |
2014-11-16 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 32098 - Revision : 5 - Type : FILE-FLASH |
2014-11-16 | Adobe Flash copyPixelsToByteArray integer overflow attempt RuleID : 32097 - Revision : 4 - Type : FILE-FLASH |
2014-11-16 | Adobe Flash Player RTMP ping abort message double free attempt RuleID : 32077 - Revision : 3 - Type : FILE-FLASH |
2014-11-16 | Adobe Flash Player invalid TRCK frame attempt RuleID : 32027 - Revision : 3 - Type : FILE-FLASH |
2014-11-16 | Adobe Flash Player invalid TRCK frame attempt RuleID : 32026 - Revision : 3 - Type : FILE-FLASH |
2014-11-16 | Adobe Flash Player RegExp compilation heap overflow attempt RuleID : 31850 - Revision : 3 - Type : FILE-FLASH |
2014-11-16 | Adobe Flash Player RegExp compilation heap overflow attempt RuleID : 31849 - Revision : 2 - Type : FILE-FLASH |
2014-11-16 | Adobe Flash Player RegExp compilation heap overflow attempt RuleID : 31848 - Revision : 3 - Type : FILE-FLASH |
2014-11-16 | Adobe Flash Player RegExp compilation heap overflow attempt RuleID : 31847 - Revision : 2 - Type : FILE-FLASH |
2014-11-16 | Adobe Flash Player local-with-file-access security bypass attempt RuleID : 31842 - Revision : 3 - Type : FILE-FLASH |
2014-11-16 | Adobe Flash Player local-with-file-access security bypass attempt RuleID : 31841 - Revision : 3 - Type : FILE-FLASH |
2014-11-16 | Adobe Flash Player local-with-file-access security bypass attempt RuleID : 31840 - Revision : 3 - Type : FILE-FLASH |
2014-11-16 | Adobe Flash Player local-with-file-access security bypass attempt RuleID : 31839 - Revision : 2 - Type : FILE-FLASH |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-09-26 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_ca44b64c445311e49ea1c485083ca99c.nasl - Type : ACT_GATHER_INFO |
2014-09-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201409-05.nasl - Type : ACT_GATHER_INFO |
2014-09-14 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_flash-player-140910.nasl - Type : ACT_GATHER_INFO |
2014-09-11 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2014-535.nasl - Type : ACT_GATHER_INFO |
2014-09-11 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2014-1173.nasl - Type : ACT_GATHER_INFO |
2014-09-10 | Name : The remote Windows host contains a version of Adobe AIR that is affected by m... File : adobe_air_apsb14-21.nasl - Type : ACT_GATHER_INFO |
2014-09-10 | Name : The remote Windows host has a browser plugin that is affected by multiple vul... File : flash_player_apsb14-21.nasl - Type : ACT_GATHER_INFO |
2014-09-10 | Name : The remote host contains a web browser that is affected by multiple vulnerabi... File : google_chrome_37_0_2062_120.nasl - Type : ACT_GATHER_INFO |
2014-09-10 | Name : The remote Mac OS X host contains a version of Adobe AIR that is affected by ... File : macosx_adobe_air_15_0_0_249.nasl - Type : ACT_GATHER_INFO |
2014-09-10 | Name : The remote Mac OS X host has a browser plugin that is affected by multiple vu... File : macosx_flash_player_15_0_0_152.nasl - Type : ACT_GATHER_INFO |
2014-09-10 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_37_0_2062_120.nasl - Type : ACT_GATHER_INFO |
2014-09-10 | Name : The remote host has an ActiveX control installed that is affected by multiple... File : smb_kb2987114.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-09-23 13:26:48 |
|
2014-09-19 21:22:28 |
|