Adobe Air

This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor	Adobe	First view	2008-04-09
Product	Air	Last view	2017-06-27
Version		Type
Update
Edition
Language
Sofware Edition
Target Software
Target Hardware
Other

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name	Affected CVE
cpe:2.3:a:adobe:air:1.0:::::::*	281
cpe:2.3:a:adobe:air:1.5:::::::*	280
cpe:2.3:a:adobe:air::::::::	279
cpe:2.3:a:adobe:air:1.01:::::::*	279
cpe:2.3:a:adobe:air:1.1:::::::*	279
cpe:2.3:a:adobe:air:1.5.1:::::::*	276
cpe:2.3:a:adobe:air:1.5.3:::::::*	268
cpe:2.3:a:adobe:air:1.5.2:::::::*	268
cpe:2.3:a:adobe:air:1.5.3.9130:::::::*	268
cpe:2.3:a:adobe:air:2.0.0:::::::*	240
cpe:2.3:a:adobe:air:3.2:::::::*	239
cpe:2.3:a:adobe:air:2.7.1.1961:::::::*	239
cpe:2.3:a:adobe:air:2.7.0.1953:::::::*	239
cpe:2.3:a:adobe:air:2.7.0.1948:::::::*	239
cpe:2.3:a:adobe:air:2.6:::::::*	239
cpe:2.3:a:adobe:air:2.5.1:::::::*	239
cpe:2.3:a:adobe:air:2.5:::::::*	239
cpe:2.3:a:adobe:air:3.5:::::::*	232
cpe:2.3:a:adobe:air:3.4:::::::*	232
cpe:2.3:a:adobe:air:3.3:::::::*	232
cpe:2.3:a:adobe:air:15.0.0.292:::::::*	227
cpe:2.3:a:adobe:air:15.0.0.356:::::::*	227
cpe:2.3:a:adobe:air:17.0.0.144:::::::*	227
cpe:2.3:a:adobe:air:15.0.0.293:::::::*	227
cpe:2.3:a:adobe:air:17.0.0.172:::::::*	222
cpe:2.3:a:adobe:air:18.0.0.143:::::::*	209
cpe:2.3:a:adobe:air:18.0.0.144:::::::*	209
cpe:2.3:a:adobe:air:18.0.0.180:::::::*	203
cpe:2.3:a:adobe:air:18.0.0.199:::::::*	194
cpe:2.3:a:adobe:air:19.0.0.190:::::::*	171
cpe:2.3:a:adobe:air:19.0.0.213:::::::*	150
cpe:2.3:a:adobe:air:19.0.0.241:::::android::	133
cpe:2.3:a:adobe:air:19.0.0.241:::::::*	133
cpe:2.3:a:adobe:air:20.0.0.204:::::android::	43
cpe:2.3:a:adobe:air:20.0.0.204:::::::*	43
cpe:2.3:a:adobe:air:20.0.0.233:::::::*	23

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.

	Date	Alert	Description
9.8	2017-06-27	CVE-2016-0959	Use after free vulnerability in Adobe Flash Player Desktop Runtime before 20.0.0.267, Adobe Flash Player Extended Support Release before 18.0.0.324, Adobe Flash Player for Google Chrome before 20.0.0.267, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 before 20.0.0.267, Adobe Flash Player for Internet Explorer 10 and 11 before 20.0.0.267, Adobe Flash Player for Linux before 11.2.202.559, AIR Desktop Runtime before 20.0.0.233, AIR SDK before 20.0.0.233, AIR SDK & Compiler before 20.0.0.233, AIR for Android before 20.0.0.233.
8.8	2016-04-22	CVE-2015-8823	Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via crafted text property, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8063, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, CVE-2015-8454, CVE-2015-8653, CVE-2015-8655, CVE-2015-8821, and CVE-2015-8822.
8.8	2016-03-12	CVE-2016-1010	Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-0993.
8.8	2016-03-12	CVE-2016-1005	Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1002.
8.8	2016-03-12	CVE-2016-1002	Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1005.
8.8	2016-03-12	CVE-2016-1001	Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors.
8.8	2016-03-12	CVE-2016-1000	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999.
8.8	2016-03-12	CVE-2016-0999	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000.
8.8	2016-03-12	CVE-2016-0998	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000.
8.8	2016-03-12	CVE-2016-0997	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
8.8	2016-03-12	CVE-2016-0996	Use-after-free vulnerability in the setInterval method in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
8.8	2016-03-12	CVE-2016-0995	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
8.8	2016-03-12	CVE-2016-0994	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code by using the actionCallMethod opcode with crafted arguments, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
8.8	2016-03-12	CVE-2016-0993	Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0963 and CVE-2016-1010.
8.8	2016-03-12	CVE-2016-0992	Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-1002, and CVE-2016-1005.
8.8	2016-03-12	CVE-2016-0991	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
8.8	2016-03-12	CVE-2016-0990	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
8.8	2016-03-12	CVE-2016-0989	Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
8.8	2016-03-12	CVE-2016-0988	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
8.8	2016-03-12	CVE-2016-0987	Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
8.8	2016-03-12	CVE-2016-0986	Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
8.8	2016-03-12	CVE-2016-0963	Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0993 and CVE-2016-1010.
8.8	2016-03-12	CVE-2016-0962	Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
8.8	2016-03-12	CVE-2016-0961	Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.
8.8	2016-03-12	CVE-2016-0960	Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.

CWE : Common Weakness Enumeration

%	id	Name
53% (86)	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
11% (18)	CWE-416	Use After Free
8% (13)	CWE-200	Information Exposure
5% (9)	CWE-189	Numeric Errors
4% (8)	CWE-787	Out-of-bounds Write
3% (6)	CWE-264	Permissions, Privileges, and Access Controls
3% (5)	CWE-190	Integer Overflow or Wraparound
2% (4)	CWE-399	Resource Management Errors
1% (3)	CWE-94	Failure to Control Generation of Code ('Code Injection')
1% (3)	CWE-20	Improper Input Validation
1% (2)	CWE-352	Cross-Site Request Forgery (CSRF)
1% (2)	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting')
0% (1)	CWE-476	NULL Pointer Dereference
0% (1)	CWE-426	Untrusted Search Path
0% (1)	CWE-59	Improper Link Resolution Before File Access ('Link Following')

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.

OvalID	Name
oval:org.mitre.oval:def:10160	Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows re...
oval:org.mitre.oval:def:10724	Unspecified vulnerability in Adobe Flash Player 9.0.115.0 and earlier, and 8....
oval:org.mitre.oval:def:22730	ELSA-2008:0945: flash-plugin security update (Critical)
oval:org.mitre.oval:def:6662	Adobe Flash Player Settings Manager May Let Remote Users Conduct Clickjacking...
oval:org.mitre.oval:def:16419	Adobe Flash Player Settings Manager May Let Remote Users Conduct Clickjacking...
oval:org.mitre.oval:def:6470	Adobe Flash Player Unspecified Remote Denial of Service Vulnerability
oval:org.mitre.oval:def:15837	Adobe Flash Player Unspecified Remote Denial of Service Vulnerability
oval:org.mitre.oval:def:6593	Adobe Flash Player Invalid Object Reference Remote Code Execution
oval:org.mitre.oval:def:16057	Adobe Flash Player Invalid Object Reference Remote Code Execution
oval:org.mitre.oval:def:6674	Adobe Flash Player Mouse Pointer Display Issue May Let Remote Users Conduct C...
oval:org.mitre.oval:def:6961	Adobe Flash Player and AIR Unspecified Privilege Escalation Vulnerability
oval:org.mitre.oval:def:16391	Adobe Flash Player and AIR Unspecified Privilege Escalation Vulnerability
oval:org.mitre.oval:def:6660	Adobe Flash Player and AIR Loader Object Heap Memory Corruption Vulnerability
oval:org.mitre.oval:def:16133	Adobe Flash Player and AIR Loader Object Heap Memory Corruption Vulnerability
oval:org.mitre.oval:def:7011	Adobe Flash Player and AIR NULL Pointer Exception Remote Code Execution Vulne...
oval:org.mitre.oval:def:16338	Adobe Flash Player and AIR NULL Pointer Exception Remote Code Execution Vulne...
oval:org.mitre.oval:def:7271	Adobe Flash Player and AIR Stack Buffer Overflow Vulnerability
oval:org.mitre.oval:def:16198	Adobe Flash Player and AIR Stack Buffer Overflow Vulnerability
oval:org.mitre.oval:def:6694	Adobe Flash Player and AIR Unspecified Clickjacking Vulnerability
oval:org.mitre.oval:def:15430	Adobe Flash Player and AIR Unspecified Clickjacking Vulnerability
oval:org.mitre.oval:def:6865	Adobe Flash Player and AIR URI Parsing Heap Buffer Overflow Vulnerability
oval:org.mitre.oval:def:15955	Adobe Flash Player and AIR URI Parsing Heap Buffer Overflow Vulnerability
oval:org.mitre.oval:def:6998	Adobe Flash Player and AIR 'intf_count' Integer Overflow Vulnerability
oval:org.mitre.oval:def:15994	Adobe Flash Player and AIR 'intf_count' Integer Overflow Vulnerability
oval:org.mitre.oval:def:6648	Adobe Flash Player and AIR Sandbox Bypass Information Disclosure Vulnerability

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.

id	Description
67058	Adobe Flash Player ActionScript connect Method Memory Corruption
66119	Adobe Flash Player ActionScript Virtual Machine newFrameState Method Remote O...
65600	Adobe Flash Player / AIR on VMWare Tools Unspecified Memory Corruption DoS (2...
65599	Adobe Flash Player / AIR LocalConnection Connect Method Memory Corruption
65598	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2187)
65597	Adobe Flash Player / AIR Unspecified Application Crash DoS (2010-2186)
65596	Adobe Flash Player / AIR Unspecified Overflow (2010-2185)
65595	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2184)
65594	Adobe Flash Player / AIR Unspecified Overflow (2010-2183)
65593	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2182)
65592	Adobe Flash Player / AIR Unspecified Overflow (2010-2181)
65591	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2180)
65590	Adobe Flash Player / AIR Unspecified URL Parsing XSS (2010-2179)
65589	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2178)
65588	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2177)
65587	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2176)
65586	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2175)
65585	Adobe Flash Player / AIR newfunction Operator Processing Invalid Pointer Arbi...
65584	Adobe Flash Player / AIR newclass Operator Processing Invalid Pointer Arbitra...
65582	Adobe Flash Player / AIR Multiple Tag JPEG Parsing Memory Corruption
65581	Adobe Flash Player / AIR Unspecified Overflow (2010-2170)
65580	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2169)
65579	Adobe Flash Player / AIR GIF/JPEG Processing Multiple Unspecified Overflows
65578	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2166)
65577	Adobe Flash Player / AIR Unspecified Memory Corruption DoS (2010-2165)

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.

id	Description
2013-03-28	Name : Adobe Air Multiple Vulnerabilities - December12 (Mac OS X) File : nvt/gb_adobe_air_mult_vuln_dec12_macosx.nasl
2013-03-28	Name : Adobe Air Multiple Vulnerabilities - December12 (Windows) File : nvt/gb_adobe_air_mult_vuln_dec12_win.nasl
2012-12-14	Name : Adobe Flash Player Multiple Vulnerabilities - December12 (Windows) File : nvt/gb_adobe_prdts_mult_vuln_dec12_win.nasl
2012-12-14	Name : Adobe Flash Player Multiple Vulnerabilities - December12 (Mac OS X) File : nvt/gb_adobe_prdts_mult_vuln_dec12_macosx.nasl
2012-12-14	Name : Adobe Flash Player Multiple Vulnerabilities - December12 (Linux) File : nvt/gb_adobe_flash_player_mult_vuln_dec12_lin.nasl
2012-12-13	Name : SuSE Update for flash-player openSUSE-SU-2012:0723-1 (flash-player) File : nvt/gb_suse_2012_0723_1.nasl
2012-11-26	Name : FreeBSD Ports: linux-f10-flashplugin File : nvt/freebsd_linux-f10-flashplugin5.nasl
2012-08-10	Name : Gentoo Security Advisory GLSA 201206-21 (Adobe Flash Player) File : nvt/glsa_201206_21.nasl
2012-08-10	Name : FreeBSD Ports: linux-f10-flashplugin File : nvt/freebsd_linux-f10-flashplugin3.nasl
2012-06-20	Name : Adobe Flash Player Multiple Vulnerabilities June-2012 (Windows) File : nvt/gb_adobe_prdts_mult_vuln_jun12_win.nasl
2012-06-20	Name : Adobe Flash Player Multiple Vulnerabilities June-2012 (Mac OS X) File : nvt/gb_adobe_prdts_mult_vuln_jun12_macosx.nasl
2012-06-20	Name : Adobe Flash Player Multiple Vulnerabilities June-2012 (Linux) File : nvt/gb_adobe_flash_player_mult_vuln_jun12_lin.nasl
2011-09-07	Name : Mac OS X v10.6.4 Multiple Vulnerabilities (2010-007) File : nvt/gb_macosx_su10-007.nasl
2011-03-09	Name : Gentoo Security Advisory GLSA 201101-09 (adobe-flash) File : nvt/glsa_201101_09.nasl
2010-09-10	Name : SuSE Update for acroread SUSE-SA:2010:037 File : nvt/gb_suse_2010_037.nasl
2010-08-21	Name : FreeBSD Ports: linux-flashplugin File : nvt/freebsd_linux-flashplugin9.nasl
2010-08-16	Name : SuSE Update for flash-player SUSE-SA:2010:034 File : nvt/gb_suse_2010_034.nasl
2010-07-06	Name : FreeBSD Ports: linux-flashplugin File : nvt/freebsd_linux-flashplugin8.nasl
2010-06-23	Name : SuSE Update for flash-player SUSE-SA:2010:024 File : nvt/gb_suse_2010_024.nasl
2010-06-22	Name : Adobe Flash Player/Air Multiple Vulnerabilities - June10 (Linux) File : nvt/secpod_adobe_prdts_mult_vuln_jun10_lin.nasl
2010-06-22	Name : Adobe Flash Player/Air Multiple Vulnerabilities - June10 (Win) File : nvt/secpod_adobe_prdts_mult_vuln_jun10_win.nasl
2010-05-12	Name : Mac OS X 10.5.3 Update / Mac OS X Security Update 2008-003 File : nvt/macosx_upd_10_5_3_secupd_2008-003.nasl
2010-05-12	Name : Mac OS X Security Update 2009-005 File : nvt/macosx_secupd_2009-005.nasl
2010-05-12	Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl
2010-05-12	Name : Mac OS X 10.6.1 Update File : nvt/macosx_upd_10_6_1.nasl

Information Assurance Vulnerability Management (IAVM)

id	Description
2015-A-0221	Multiple Vulnerabilities in Adobe Flash Player and AIR Severity: Category I - VMSKEY: V0061469

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.

Date	Description
2020-09-19	Adobe Flash Player AVM domain memory range integer overflow attempt RuleID : 54826 - Type : FILE-FLASH - Revision : 1
2020-09-19	Adobe Flash Player AVM domain memory range integer overflow attempt RuleID : 54825 - Type : FILE-FLASH - Revision : 1
2019-12-05	Adobe Flash Player FLV Nellymoser audio codec stack overflow attempt RuleID : 52080 - Type : FILE-FLASH - Revision : 1
2019-12-05	Adobe Flash Player FLV Nellymoser audio codec stack overflow attempt RuleID : 52079 - Type : FILE-FLASH - Revision : 1
2019-09-24	Adobe Flash Player malformed ATF heap overflow attempt RuleID : 51226 - Type : FILE-FLASH - Revision : 1
2019-09-24	Adobe Flash Player malformed ATF heap overflow attempt RuleID : 51225 - Type : FILE-FLASH - Revision : 1
2019-09-19	Adobe Flash player memory corruption attempt RuleID : 51082 - Type : FILE-FLASH - Revision : 1
2019-09-19	Adobe Flash player memory corruption attempt RuleID : 51081 - Type : FILE-FLASH - Revision : 1
2018-03-27	Adobe Flash Player ByteArray shading memory leak attempt RuleID : 45744 - Type : FILE-FLASH - Revision : 1
2018-03-27	Adobe Flash Player ByteArray shading memory leak attempt RuleID : 45743 - Type : FILE-FLASH - Revision : 1
2018-03-13	Adobe Flash Player movieclip duplicateMovieClip use-after-free attempt RuleID : 45616 - Type : FILE-FLASH - Revision : 2
2018-03-13	Adobe Flash Player movieclip duplicateMovieClip use-after-free attempt RuleID : 45615 - Type : FILE-FLASH - Revision : 2
2018-03-13	Adobe Flash Player Selection.SetSelection use-after-free attempt RuleID : 45614 - Type : FILE-FLASH - Revision : 1
2018-03-13	Adobe Flash Player Selection.SetSelection use-after-free attempt RuleID : 45613 - Type : FILE-FLASH - Revision : 1
2018-02-20	Adobe Flash Player movieclip startdrag use-after-free attempt RuleID : 45501 - Type : FILE-FLASH - Revision : 1
2018-02-20	Adobe Flash Player movieclip startdrag use-after-free attempt RuleID : 45500 - Type : FILE-FLASH - Revision : 1
2018-02-20	Adobe Flash Player movieclip attachbitmap use-after-free attempt RuleID : 45459 - Type : FILE-FLASH - Revision : 2
2018-02-20	Adobe Flash Player movieclip attachbitmap use-after-free attempt RuleID : 45458 - Type : FILE-FLASH - Revision : 1
2018-01-03	Adobe Flash Player use after free attempt RuleID : 45085 - Type : FILE-FLASH - Revision : 2
2017-03-28	Adobe Flash Player invalid package script information use after free attempt RuleID : 41706 - Type : FILE-FLASH - Revision : 2
2017-03-28	Adobe Flash Player invalid package script information use after free attempt RuleID : 41705 - Type : FILE-FLASH - Revision : 2
2017-03-07	Adobe Flash Player AS2 TextField antiAliasType use after free attempt RuleID : 41486 - Type : FILE-FLASH - Revision : 2
2017-03-07	Adobe Flash Player AS2 TextField antiAliasType use after free attempt RuleID : 41485 - Type : FILE-FLASH - Revision : 2
2017-02-25	Adobe Flash Player custom toString function attempt RuleID : 41412 - Type : FILE-FLASH - Revision : 5
2017-02-25	Adobe Flash Player custom toString function attempt RuleID : 41411 - Type : FILE-FLASH - Revision : 5

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.

id	Description
2016-06-22	Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201509-07.nasl - Type: ACT_GATHER_INFO
2016-04-01	Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_f7b3d1ebf73811e5a7100011d823eebd.nasl - Type: ACT_GATHER_INFO
2016-03-14	Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201603-07.nasl - Type: ACT_GATHER_INFO
2016-03-14	Name: The remote openSUSE host is missing a security update. File: openSUSE-2016-325.nasl - Type: ACT_GATHER_INFO
2016-03-14	Name: The remote openSUSE host is missing a security update. File: openSUSE-2016-335.nasl - Type: ACT_GATHER_INFO
2016-03-14	Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2016-0438.nasl - Type: ACT_GATHER_INFO
2016-03-14	Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2016-0715-1.nasl - Type: ACT_GATHER_INFO
2016-03-14	Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2016-0716-1.nasl - Type: ACT_GATHER_INFO
2016-03-11	Name: The remote Windows host has a browser plugin installed that is affected by mu... File: adobe_air_apsb16-08.nasl - Type: ACT_GATHER_INFO
2016-03-11	Name: The remote Windows host has a browser plugin installed that is affected by mu... File: flash_player_apsb16-08.nasl - Type: ACT_GATHER_INFO
2016-03-11	Name: The remote Mac OS X host has a browser plugin installed that is affected by m... File: macosx_adobe_air_apsb16-08.nasl - Type: ACT_GATHER_INFO
2016-03-11	Name: The remote Mac OS X host has a browser plugin installed that is affected by m... File: macosx_flash_player_apsb16-08.nasl - Type: ACT_GATHER_INFO
2016-03-11	Name: The remote Windows host has a browser plugin installed that is affected by mu... File: smb_nt_ms16-036.nasl - Type: ACT_GATHER_INFO
2016-01-27	Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201601-03.nasl - Type: ACT_GATHER_INFO
2016-01-04	Name: The remote openSUSE host is missing a security update. File: openSUSE-2015-882.nasl - Type: ACT_GATHER_INFO
2016-01-04	Name: The remote openSUSE host is missing a security update. File: openSUSE-2015-975.nasl - Type: ACT_GATHER_INFO
2016-01-04	Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2015-2401-1.nasl - Type: ACT_GATHER_INFO
2016-01-04	Name: The remote SUSE host is missing one or more security updates. File: suse_SU-2015-2402-1.nasl - Type: ACT_GATHER_INFO
2015-12-30	Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_84c7ea88bf044bdc973b36744bf540ab.nasl - Type: ACT_GATHER_INFO
2015-12-30	Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2015-2697.nasl - Type: ACT_GATHER_INFO
2015-12-30	Name: The remote Windows host has a browser plugin installed that is affected by mu... File: smb_kb3132372.nasl - Type: ACT_GATHER_INFO
2015-12-29	Name: The remote Windows host has a browser plugin installed that is affected by mu... File: adobe_air_apsb16-01.nasl - Type: ACT_GATHER_INFO
2015-12-29	Name: The remote Windows host has a browser plugin installed that is affected by mu... File: flash_player_apsb16-01.nasl - Type: ACT_GATHER_INFO
2015-12-29	Name: The remote Mac OS X host has a browser plugin installed that is affected by m... File: macosx_adobe_air_apsb16-01.nasl - Type: ACT_GATHER_INFO
2015-12-29	Name: The remote Mac OS X host has a browser plugin installed that is affected by m... File: macosx_flash_player_apsb16-01.nasl - Type: ACT_GATHER_INFO

vDNA Monitoring

	no vDNA Monitoring
Monitor this product now !

Global informations

Mapping	Total
CVE ID(s)	285
CWE ID(s)	15
OVALid	108
osvdb(s)	48
OpenVAS Exploit(s)	45
IAVM(s)	1
Snort® Rule(s)	511
Nessus® Exploit(s)	226

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.6239s

Facebook rss twitter linkedin mail