The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Flash

computer vulnerability bulletin CVE-2018-4919 CVE-2018-4920

Adobe Flash Player: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 14/03/2018.
Identifiers: APSB18-05, CERTFR-2018-AVI-127, CVE-2018-4919, CVE-2018-4920, RHSA-2018:0520-01, VIGILANCE-VUL-25538.

Description of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2018-4877 CVE-2018-4878

Adobe Flash Player: use after free

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area of Adobe Flash Player, in order to trigger a denial of service, and possibly to run code.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 4/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 07/02/2018.
Revision date: 26/02/2018.
Identifiers: APSB18-03, CERTFR-2018-AVI-071, CERTFR-2018-AVI-072, CVE-2018-4877, CVE-2018-4878, RHSA-2018:0285-01, VIGILANCE-VUL-25234, ZDI-18-178.

Description of the vulnerability

An attacker can force the usage of a freed memory area of Adobe Flash Player, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2018-4871

Adobe Flash Player: out-of-bounds memory reading

Synthesis of the vulnerability

An attacker can force a read at an invalid address of Adobe Flash Player, in order to trigger a denial of service, or to obtain sensitive information.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 2/4.
Consequences: data reading, denial of service on client.
Provenance: document.
Creation date: 10/01/2018.
Identifiers: APSB18-01, CERTFR-2018-AVI-015, CVE-2018-4871, RHSA-2018:0081-01, VIGILANCE-VUL-24988, ZDI-18-124.

Description of the vulnerability

An attacker can force a read at an invalid address of Adobe Flash Player, in order to trigger a denial of service, or to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-11305

Adobe Flash Player: preferences reset

Synthesis of the vulnerability

User preferences of Adobe Flash Player can be reset.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 2/4.
Consequences: data reading.
Provenance: document.
Creation date: 13/12/2017.
Identifiers: APSB17-42, CERTFR-2017-AVI-461, CVE-2017-11305, RHSA-2018:0081-01, VIGILANCE-VUL-24752.

Description of the vulnerability

User preferences of Adobe Flash Player can be reset.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2017-11213 CVE-2017-11215 CVE-2017-11225

Adobe Flash Player: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 8, Windows RT, openSUSE Leap, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 5.
Creation date: 15/11/2017.
Identifiers: APSB17-33, CERTFR-2017-AVI-413, CVE-2017-11213, CVE-2017-11215, CVE-2017-11225, CVE-2017-3112, CVE-2017-3114, openSUSE-SU-2018:0704-1, openSUSE-SU-2018:1175-1, openSUSE-SU-2018:1437-1, RHSA-2017:3222-01, VIGILANCE-VUL-24432, ZDI-17-996, ZDI-17-997, ZDI-17-998.

Description of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2017-11292

Adobe Flash Player: memory corruption via Type Confusion

Synthesis of the vulnerability

An attacker can generate a memory corruption via Type Confusion of Adobe Flash Player, in order to trigger a denial of service, and possibly to run code.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Creation date: 16/10/2017.
Identifiers: ADV170018, APSB17-32, CERTFR-2017-AVI-355, CVE-2017-11292, RHSA-2017:2899-01, VIGILANCE-VUL-24150.

Description of the vulnerability

An attacker can generate a memory corruption via Type Confusion of Adobe Flash Player, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2017-11281 CVE-2017-11282

Adobe Flash Player: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 13/09/2017.
Identifiers: 1321, 1322, 1323, APSB17-28, CERTFR-2017-AVI-289, CVE-2017-11281, CVE-2017-11282, RHSA-2017:2702-01, VIGILANCE-VUL-23820.

Description of the vulnerability

Several vulnerabilities were announced in Adobe Flash Player.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-11281]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-11282]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2017-3085 CVE-2017-3106

Adobe Flash Player: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, Windows RT, RHEL.
Severity: 4/4.
Consequences: user access/rights, data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 09/08/2017.
Identifiers: 1320, APSB17-23, CERTFR-2017-AVI-255, CVE-2017-3085, CVE-2017-3106, RHSA-2017:2457-01, VIGILANCE-VUL-23475, ZDI-17-634.

Description of the vulnerability

Several vulnerabilities were announced in Adobe Flash Player.

An attacker can bypass security features, in order to obtain sensitive information. [severity:2/4; CVE-2017-3085]

An attacker can use a vulnerability, in order to run code. [severity:4/4; CVE-2017-3106]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2017-3080 CVE-2017-3099 CVE-2017-3100

Adobe Flash Player: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 2016, Windows 7, Windows 8, RHEL.
Severity: 3/4.
Consequences: user access/rights, data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 12/07/2017.
Identifiers: APSB17-21, CERTFR-2017-AVI-205, CVE-2017-3080, CVE-2017-3099, CVE-2017-3100, RHSA-2017:1731-01, VIGILANCE-VUL-23206, ZDI-17-477, ZDI-17-486.

Description of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2017-3075 CVE-2017-3076 CVE-2017-3077

Adobe Flash Player: nine vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Adobe Flash Player.
Impacted products: Flash Player, IE, Windows 10, Windows 2012, Windows 2016, Windows 8, Windows RT, RHEL.
Severity: 4/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 9.
Creation date: 13/06/2017.
Identifiers: 1212, 1215, 1216, APSB17-17, CERTFR-2017-AVI-175, CVE-2017-3075, CVE-2017-3076, CVE-2017-3077, CVE-2017-3078, CVE-2017-3079, CVE-2017-3081, CVE-2017-3082, CVE-2017-3083, CVE-2017-3084, RHSA-2017:1439-01, VIGILANCE-VUL-22960, ZDI-17-399, ZDI-17-406, ZDI-17-407, ZDI-17-408.

Description of the vulnerability

Several vulnerabilities were announced in Adobe Flash Player.

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3075]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3076]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3077]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3078]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3079]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3081]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3082]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3083]

An attacker can force the usage of a freed memory area, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2017-3084]
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Flash: