The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Flash

vulnerability announce CVE-2017-11305

Adobe Flash Player: preferences reset

Synthesis of the vulnerability

User preferences of Adobe Flash Player can be reset.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Creation date: 13/12/2017.
Identifiers: APSB17-42, CERTFR-2017-AVI-461, CVE-2017-11305, RHSA-2018:0081-01, VIGILANCE-VUL-24752.

Description of the vulnerability

User preferences of Adobe Flash Player can be reset.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-11213 CVE-2017-11215 CVE-2017-11225

Adobe Flash Player: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 8, Windows RT, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 5.
Creation date: 15/11/2017.
Identifiers: APSB17-33, CERTFR-2017-AVI-413, CVE-2017-11213, CVE-2017-11215, CVE-2017-11225, CVE-2017-3112, CVE-2017-3114, openSUSE-SU-2018:0704-1, openSUSE-SU-2018:1175-1, openSUSE-SU-2018:1437-1, RHSA-2017:3222-01, VIGILANCE-VUL-24432, ZDI-17-996, ZDI-17-997, ZDI-17-998.

Description of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2017-11292

Adobe Flash Player: memory corruption via Type Confusion

Synthesis of the vulnerability

An attacker can generate a memory corruption via Type Confusion of Adobe Flash Player, in order to trigger a denial of service, and possibly to run code.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Creation date: 16/10/2017.
Identifiers: ADV170018, APSB17-32, CERTFR-2017-AVI-355, CVE-2017-11292, RHSA-2017:2899-01, VIGILANCE-VUL-24150.

Description of the vulnerability

An attacker can generate a memory corruption via Type Confusion of Adobe Flash Player, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2017-11281 CVE-2017-11282

Adobe Flash Player: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 13/09/2017.
Identifiers: 1321, 1322, 1323, APSB17-28, CERTFR-2017-AVI-289, CVE-2017-11281, CVE-2017-11282, RHSA-2017:2702-01, VIGILANCE-VUL-23820.

Description of the vulnerability

Several vulnerabilities were announced in Adobe Flash Player.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-11281]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-11282]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2017-3085 CVE-2017-3106

Adobe Flash Player: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows RT, RHEL.
Severity: 4/4.
Consequences: user access/rights, data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 09/08/2017.
Identifiers: 1320, APSB17-23, CERTFR-2017-AVI-255, CVE-2017-3085, CVE-2017-3106, RHSA-2017:2457-01, VIGILANCE-VUL-23475, ZDI-17-634.

Description of the vulnerability

Several vulnerabilities were announced in Adobe Flash Player.

An attacker can bypass security features, in order to obtain sensitive information. [severity:2/4; CVE-2017-3085]

An attacker can use a vulnerability, in order to run code. [severity:4/4; CVE-2017-3106]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2017-3080 CVE-2017-3099 CVE-2017-3100

Adobe Flash Player: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, RHEL.
Severity: 3/4.
Consequences: user access/rights, data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 12/07/2017.
Identifiers: APSB17-21, CERTFR-2017-AVI-205, CVE-2017-3080, CVE-2017-3099, CVE-2017-3100, RHSA-2017:1731-01, VIGILANCE-VUL-23206, ZDI-17-477, ZDI-17-486.

Description of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2017-3075 CVE-2017-3076 CVE-2017-3077

Adobe Flash Player: nine vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, IE, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 9.
Creation date: 13/06/2017.
Identifiers: 1212, 1215, 1216, APSB17-17, CERTFR-2017-AVI-175, CVE-2017-3075, CVE-2017-3076, CVE-2017-3077, CVE-2017-3078, CVE-2017-3079, CVE-2017-3081, CVE-2017-3082, CVE-2017-3083, CVE-2017-3084, RHSA-2017:1439-01, VIGILANCE-VUL-22960, ZDI-17-399, ZDI-17-406, ZDI-17-407, ZDI-17-408.

Description of the vulnerability

Several vulnerabilities were announced in Adobe Flash Player.

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3075]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3076]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3077]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3078]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3079]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3081]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3082]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3083]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3084]
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2017-3068 CVE-2017-3069 CVE-2017-3070

Adobe Flash Player: seven vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, IE, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 4/4.
Consequences: user access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 7.
Creation date: 09/05/2017.
Revision date: 17/05/2017.
Identifiers: 1171, APSB17-15, CERTFR-2017-AVI-144, CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3071, CVE-2017-3072, CVE-2017-3073, CVE-2017-3074, RHSA-2017:1219-01, SUSE-SU-2017:1238-1, VIGILANCE-VUL-22681.

Description of the vulnerability

Several vulnerabilities were announced in Adobe Flash Player.

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3071]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3068]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3069]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3070]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3072]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3073]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3074]
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2017-3058 CVE-2017-3059 CVE-2017-3060

Adobe Flash Player: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows RT, Windows Vista, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 4/4.
Consequences: user access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 7.
Creation date: 12/04/2017.
Revisions dates: 12/04/2017, 17/05/2017.
Identifiers: 1174, 1211, APSB17-10, CERTFR-2017-AVI-105, CVE-2017-3058, CVE-2017-3059, CVE-2017-3060, CVE-2017-3061, CVE-2017-3062, CVE-2017-3063, CVE-2017-3064, RHSA-2017:0934-01, SUSE-SU-2017:0990-1, VIGILANCE-VUL-22420, ZDI-17-245, ZDI-17-246, ZDI-17-247, ZDI-17-248, ZDI-17-278, ZDI-17-279.

Description of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-2997 CVE-2017-2998 CVE-2017-2999

Adobe Flash Player: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, IIS, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows RT, Windows Vista, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 7.
Creation date: 14/03/2017.
Revision date: 22/03/2017.
Identifiers: 3208223, 4010318, 4010319, 4010320, 4010321, 4013074, 4013075, 4013076, 4013078, 4013081, 4013082, 4013083, 4013389, 4014329, APSB17-07, CERTFR-2017-AVI-077, CVE-2017-2997, CVE-2017-2998, CVE-2017-2999, CVE-2017-3000, CVE-2017-3001, CVE-2017-3002, CVE-2017-3003, MS17-008, MS17-009, MS17-010, MS17-011, MS17-012, MS17-013, MS17-016, MS17-017, MS17-018, MS17-019, MS17-020, MS17-021, MS17-022, MS17-023, RHSA-2017:0526-01, SUSE-SU-2017:0703-1, VIGILANCE-VUL-22122, ZDI-17-174, ZDI-17-175, ZDI-17-176, ZDI-17-177, ZDI-17-178, ZDI-17-179, ZDI-17-287.

Description of the vulnerability

Several vulnerabilities were announced in Adobe Flash Player.

An attacker can generate a buffer overflow, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2997]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2998]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-2999]

An attacker can predict a random, in order to obtain sensitive information. [severity:2/4; CVE-2017-3000]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3001, ZDI-17-174, ZDI-17-175, ZDI-17-176, ZDI-17-177, ZDI-17-178, ZDI-17-179]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3002]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3003]
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Flash: