Vulnerabilities > Adobe > Flash Player > 3

DATE CVE VULNERABILITY TITLE RISK
2012-06-09 CVE-2012-2035 Out-of-bounds Write vulnerability in multiple products
Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code via unspecified vectors.
network
adobe opensuse suse redhat CWE-787
critical
9.3
2012-06-09 CVE-2012-2034 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3.0.3610, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2037.
network
adobe opensuse suse redhat CWE-119
critical
9.3
2012-04-06 CVE-2012-0725 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0724.
network
adobe google CWE-119
critical
9.3
2012-04-06 CVE-2012-0724 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0725.
network
adobe google CWE-119
critical
9.3
2012-03-28 CVE-2012-0772 Buffer Errors vulnerability in Adobe AIR and Flash Player
An unspecified ActiveX control in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228, and AIR before 3.2.0.2070, on Windows does not properly perform URL security domain checking, which allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors.
network
low complexity
adobe microsoft CWE-119
critical
10.0
2012-03-05 CVE-2012-0769 Numeric Errors vulnerability in Adobe Flash Player and Flash Player for Android
Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x does not properly handle integers, which allows attackers to obtain sensitive information via unspecified vectors.
network
low complexity
adobe apple linux microsoft sun google CWE-189
5.0
2012-03-05 CVE-2012-0768 Resource Management Errors vulnerability in Adobe Flash Player and Flash Player for Android
The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
network
low complexity
adobe apple linux microsoft sun google CWE-399
critical
10.0
2011-09-22 CVE-2011-2444 Cross-Site Scripting vulnerability in Adobe Flash Player
Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, related to a "universal cross-site scripting issue," as exploited in the wild in September 2011.
4.3
2011-09-22 CVE-2011-2430 Improper Input Validation vulnerability in Adobe Flash Player
Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via crafted streaming media, related to a "logic error vulnerability."
9.3
2011-09-22 CVE-2011-2429 Permissions, Privileges, and Access Controls vulnerability in Adobe Flash Player
Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, related to a "security control bypass."
network
low complexity
adobe apple linux microsoft sun google CWE-264
5.0