Summary
Detail | |||
---|---|---|---|
Vendor | Adobe | First view | 2019-09-12 |
Product | Flash Player | Last view | 2020-10-14 |
Version | 32.0.0.207 | Type | Application |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | chrome | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:adobe:flash_player |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
8.8 | 2020-10-14 | CVE-2020-9746 | Adobe Flash Player version 32.0.0.433 (and earlier) are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution. Exploitation of this issue requires an attacker to insert malicious strings in an HTTP response that is by default delivered over TLS/SSL. |
9.8 | 2020-06-12 | CVE-2020-9633 | Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution. |
8.8 | 2020-02-13 | CVE-2020-3757 | Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. |
7.5 | 2019-09-27 | CVE-2019-8075 | Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. |
9.8 | 2019-09-12 | CVE-2019-8070 | Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user. |
9.8 | 2019-09-12 | CVE-2019-8069 | Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
50% (2) | CWE-416 | Use After Free |
25% (1) | CWE-476 | NULL Pointer Dereference |
25% (1) | CWE-346 | Origin Validation Error |
Snort® IPS/IDS
Date | Description |
---|---|
2019-10-29 | Adobe Flash Player ActiveX same origin method execution attempt RuleID : 51648 - Type : FILE-FLASH - Revision : 1 |
2019-10-29 | Adobe Flash Player use-after-free attempt RuleID : 51644 - Type : FILE-FLASH - Revision : 1 |
2019-10-29 | Adobe Flash Player use-after-free attempt RuleID : 51643 - Type : FILE-FLASH - Revision : 1 |