The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Adobe Flash Player

vulnerability announce CVE-2019-7090

Adobe Flash Player: out-of-bounds memory reading

Synthesis of the vulnerability

An attacker can force a read at an invalid address of Adobe Flash Player, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 2019, Windows 8, Windows RT, RHEL.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 12/02/2019.
Identifiers: APSB19-06, CERTFR-2019-AVI-057, CVE-2019-7090, RHSA-2019:0348-01, VIGILANCE-VUL-28482.

Description of the vulnerability

An attacker can force a read at an invalid address of Adobe Flash Player, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2018-15978

Adobe Flash Player: out-of-bounds memory reading

Synthesis of the vulnerability

An attacker can force a read at an invalid address of Adobe Flash Player, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 14/11/2018.
Identifiers: APSB18-39, CERTFR-2018-AVI-548, CVE-2018-15978, RHSA-2018:3618-01, VIGILANCE-VUL-27766.

Description of the vulnerability

An attacker can force a read at an invalid address of Adobe Flash Player, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2018-15967

Adobe Flash Player: information disclosure

Synthesis of the vulnerability

An attacker can bypass access restrictions to data of Adobe Flash Player, in order to obtain sensitive information.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Creation date: 12/09/2018.
Identifiers: APSB18-31, CERTFR-2018-AVI-430, CVE-2018-15967, RHSA-2018:2707-01, VIGILANCE-VUL-27207.

Description of the vulnerability

An attacker can bypass access restrictions to data of Adobe Flash Player, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2018-12824 CVE-2018-12825 CVE-2018-12826

Adobe Flash Player: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 5.
Creation date: 16/08/2018.
Identifiers: 1600, APSB18-25, CERTFR-2018-AVI-389, CVE-2018-12824, CVE-2018-12825, CVE-2018-12826, CVE-2018-12827, CVE-2018-12828, RHSA-2018:2435-01, VIGILANCE-VUL-26982, ZDI-18-957.

Description of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2018-4871

Adobe Flash Player: out-of-bounds memory reading

Synthesis of the vulnerability

An attacker can force a read at an invalid address of Adobe Flash Player, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 2/4.
Consequences: data reading, denial of service on client.
Provenance: document.
Creation date: 10/01/2018.
Identifiers: APSB18-01, CERTFR-2018-AVI-015, CVE-2018-4871, RHSA-2018:0081-01, VIGILANCE-VUL-24988, ZDI-18-124.

Description of the vulnerability

An attacker can force a read at an invalid address of Adobe Flash Player, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-11305

Adobe Flash Player: preferences reset

Synthesis of the vulnerability

User preferences of Adobe Flash Player can be reset.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Creation date: 13/12/2017.
Identifiers: APSB17-42, CERTFR-2017-AVI-461, CVE-2017-11305, RHSA-2018:0081-01, VIGILANCE-VUL-24752.

Description of the vulnerability

User preferences of Adobe Flash Player can be reset.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-11213 CVE-2017-11215 CVE-2017-11225

Adobe Flash Player: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 8, Windows RT, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 5.
Creation date: 15/11/2017.
Identifiers: APSB17-33, CERTFR-2017-AVI-413, CVE-2017-11213, CVE-2017-11215, CVE-2017-11225, CVE-2017-3112, CVE-2017-3114, openSUSE-SU-2018:0704-1, openSUSE-SU-2018:1175-1, openSUSE-SU-2018:1437-1, RHSA-2017:3222-01, VIGILANCE-VUL-24432, ZDI-17-996, ZDI-17-997, ZDI-17-998.

Description of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2017-11292

Adobe Flash Player: memory corruption via Type Confusion

Synthesis of the vulnerability

An attacker can generate a memory corruption via Type Confusion of Adobe Flash Player, in order to trigger a denial of service, and possibly to run code.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Creation date: 16/10/2017.
Identifiers: ADV170018, APSB17-32, CERTFR-2017-AVI-355, CVE-2017-11292, RHSA-2017:2899-01, VIGILANCE-VUL-24150.

Description of the vulnerability

An attacker can generate a memory corruption via Type Confusion of Adobe Flash Player, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2017-11281 CVE-2017-11282

Adobe Flash Player: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 13/09/2017.
Identifiers: 1321, 1322, 1323, APSB17-28, CERTFR-2017-AVI-289, CVE-2017-11281, CVE-2017-11282, RHSA-2017:2702-01, VIGILANCE-VUL-23820.

Description of the vulnerability

Several vulnerabilities were announced in Adobe Flash Player.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-11281]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-11282]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2017-3085 CVE-2017-3106

Adobe Flash Player: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows RT, RHEL.
Severity: 4/4.
Consequences: user access/rights, data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 09/08/2017.
Identifiers: 1320, APSB17-23, CERTFR-2017-AVI-255, CVE-2017-3085, CVE-2017-3106, RHSA-2017:2457-01, VIGILANCE-VUL-23475, ZDI-17-634.

Description of the vulnerability

Several vulnerabilities were announced in Adobe Flash Player.

An attacker can bypass security features, in order to obtain sensitive information. [severity:2/4; CVE-2017-3085]

An attacker can use a vulnerability, in order to run code. [severity:4/4; CVE-2017-3106]
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Adobe Flash Player: