The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Adobe Flash Player

vulnerability announce CVE-2019-7090

Adobe Flash Player: out-of-bounds memory reading

Synthesis of the vulnerability

An attacker can force a read at an invalid address of Adobe Flash Player, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 2019, Windows 8, Windows RT, RHEL.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 12/02/2019.
Identifiers: APSB19-06, CERTFR-2019-AVI-057, CVE-2019-7090, RHSA-2019:0348-01, VIGILANCE-VUL-28482.

Description of the vulnerability

An attacker can force a read at an invalid address of Adobe Flash Player, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2018-15978

Adobe Flash Player: out-of-bounds memory reading

Synthesis of the vulnerability

An attacker can force a read at an invalid address of Adobe Flash Player, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 2/4.
Consequences: data reading, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 14/11/2018.
Identifiers: APSB18-39, CERTFR-2018-AVI-548, CVE-2018-15978, RHSA-2018:3618-01, VIGILANCE-VUL-27766.

Description of the vulnerability

An attacker can force a read at an invalid address of Adobe Flash Player, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2018-15967

Adobe Flash Player: information disclosure

Synthesis of the vulnerability

An attacker can bypass access restrictions to data of Adobe Flash Player, in order to obtain sensitive information.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Creation date: 12/09/2018.
Identifiers: APSB18-31, CERTFR-2018-AVI-430, CVE-2018-15967, RHSA-2018:2707-01, VIGILANCE-VUL-27207.

Description of the vulnerability

An attacker can bypass access restrictions to data of Adobe Flash Player, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2018-12824 CVE-2018-12825 CVE-2018-12826

Adobe Flash Player: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 5.
Creation date: 16/08/2018.
Identifiers: 1600, APSB18-25, CERTFR-2018-AVI-389, CVE-2018-12824, CVE-2018-12825, CVE-2018-12826, CVE-2018-12827, CVE-2018-12828, RHSA-2018:2435-01, VIGILANCE-VUL-26982, ZDI-18-957.

Description of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2018-4919 CVE-2018-4920

Adobe Flash Player: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 14/03/2018.
Identifiers: APSB18-05, CERTFR-2018-AVI-127, CVE-2018-4919, CVE-2018-4920, RHSA-2018:0520-01, VIGILANCE-VUL-25538.

Description of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2018-4877 CVE-2018-4878

Adobe Flash Player: use after free

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area of Adobe Flash Player, in order to trigger a denial of service, and possibly to run code.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 4/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 07/02/2018.
Revision date: 26/02/2018.
Identifiers: APSB18-03, CERTFR-2018-AVI-071, CERTFR-2018-AVI-072, CVE-2018-4877, CVE-2018-4878, RHSA-2018:0285-01, VIGILANCE-VUL-25234, ZDI-18-178.

Description of the vulnerability

An attacker can force the usage of a freed memory area of Adobe Flash Player, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2018-4871

Adobe Flash Player: out-of-bounds memory reading

Synthesis of the vulnerability

An attacker can force a read at an invalid address of Adobe Flash Player, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 2/4.
Consequences: data reading, denial of service on client.
Provenance: document.
Creation date: 10/01/2018.
Identifiers: APSB18-01, CERTFR-2018-AVI-015, CVE-2018-4871, RHSA-2018:0081-01, VIGILANCE-VUL-24988, ZDI-18-124.

Description of the vulnerability

An attacker can force a read at an invalid address of Adobe Flash Player, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-11305

Adobe Flash Player: preferences reset

Synthesis of the vulnerability

User preferences of Adobe Flash Player can be reset.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Creation date: 13/12/2017.
Identifiers: APSB17-42, CERTFR-2017-AVI-461, CVE-2017-11305, RHSA-2018:0081-01, VIGILANCE-VUL-24752.

Description of the vulnerability

User preferences of Adobe Flash Player can be reset.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-11213 CVE-2017-11215 CVE-2017-11225

Adobe Flash Player: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 8, Windows RT, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 5.
Creation date: 15/11/2017.
Identifiers: APSB17-33, CERTFR-2017-AVI-413, CVE-2017-11213, CVE-2017-11215, CVE-2017-11225, CVE-2017-3112, CVE-2017-3114, openSUSE-SU-2018:0704-1, openSUSE-SU-2018:1175-1, openSUSE-SU-2018:1437-1, RHSA-2017:3222-01, VIGILANCE-VUL-24432, ZDI-17-996, ZDI-17-997, ZDI-17-998.

Description of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2017-11292

Adobe Flash Player: memory corruption via Type Confusion

Synthesis of the vulnerability

An attacker can generate a memory corruption via Type Confusion of Adobe Flash Player, in order to trigger a denial of service, and possibly to run code.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Creation date: 16/10/2017.
Identifiers: ADV170018, APSB17-32, CERTFR-2017-AVI-355, CVE-2017-11292, RHSA-2017:2899-01, VIGILANCE-VUL-24150.

Description of the vulnerability

An attacker can generate a memory corruption via Type Confusion of Adobe Flash Player, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Adobe Flash Player: