Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2017-AVI-135
Vulnerability from certfr_avis - Published: 2017-05-02 - Updated: 2017-05-02
De multiples vulnérabilités ont été corrigées dans Google Android (Nexus). Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Google Android (Nexus) toutes versions n'intégrant pas le correctif de sécurité du 1 mai 2017
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eGoogle Android (Nexus) toutes versions n\u0027int\u00e9grant pas le correctif de s\u00e9curit\u00e9 du 1 mai 2017\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-9794",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9794"
},
{
"name": "CVE-2017-0596",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0596"
},
{
"name": "CVE-2014-9947",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9947"
},
{
"name": "CVE-2017-0593",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0593"
},
{
"name": "CVE-2017-0331",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0331"
},
{
"name": "CVE-2016-5860",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5860"
},
{
"name": "CVE-2017-0600",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0600"
},
{
"name": "CVE-2015-9004",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9004"
},
{
"name": "CVE-2017-0601",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0601"
},
{
"name": "CVE-2017-0604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0604"
},
{
"name": "CVE-2017-0599",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0599"
},
{
"name": "CVE-2017-0632",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0632"
},
{
"name": "CVE-2017-0588",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0588"
},
{
"name": "CVE-2017-0493",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0493"
},
{
"name": "CVE-2017-0633",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0633"
},
{
"name": "CVE-2016-5858",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5858"
},
{
"name": "CVE-2014-9925",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9925"
},
{
"name": "CVE-2014-9945",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9945"
},
{
"name": "CVE-2017-0597",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0597"
},
{
"name": "CVE-2017-0603",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0603"
},
{
"name": "CVE-2017-0591",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0591"
},
{
"name": "CVE-2017-0630",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0630"
},
{
"name": "CVE-2014-9929",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9929"
},
{
"name": "CVE-2017-0609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0609"
},
{
"name": "CVE-2017-0602",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0602"
},
{
"name": "CVE-2014-9941",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9941"
},
{
"name": "CVE-2017-0605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0605"
},
{
"name": "CVE-2017-0625",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0625"
},
{
"name": "CVE-2017-0594",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0594"
},
{
"name": "CVE-2016-5853",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5853"
},
{
"name": "CVE-2017-0634",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0634"
},
{
"name": "CVE-2017-0616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0616"
},
{
"name": "CVE-2014-9944",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9944"
},
{
"name": "CVE-2014-9949",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9949"
},
{
"name": "CVE-2017-0615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0615"
},
{
"name": "CVE-2017-0629",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0629"
},
{
"name": "CVE-2017-0592",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0592"
},
{
"name": "CVE-2016-1028",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1028"
},
{
"name": "CVE-2017-0621",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0621"
},
{
"name": "CVE-2016-5855",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5855"
},
{
"name": "CVE-2014-9946",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9946"
},
{
"name": "CVE-2017-0612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0612"
},
{
"name": "CVE-2017-0620",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0620"
},
{
"name": "CVE-2015-7555",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7555"
},
{
"name": "CVE-2017-0618",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0618"
},
{
"name": "CVE-2015-9005",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9005"
},
{
"name": "CVE-2016-5859",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5859"
},
{
"name": "CVE-2016-1027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1027"
},
{
"name": "CVE-2017-0613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0613"
},
{
"name": "CVE-2017-0606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0606"
},
{
"name": "CVE-2016-1029",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1029"
},
{
"name": "CVE-2017-0617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0617"
},
{
"name": "CVE-2017-0619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0619"
},
{
"name": "CVE-2017-0595",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0595"
},
{
"name": "CVE-2017-0624",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0624"
},
{
"name": "CVE-2014-9951",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9951"
},
{
"name": "CVE-2014-9928",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9928"
},
{
"name": "CVE-2017-0627",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0627"
},
{
"name": "CVE-2015-9006",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9006"
},
{
"name": "CVE-2014-9943",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9943"
},
{
"name": "CVE-2016-5868",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5868"
},
{
"name": "CVE-2016-5854",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5854"
},
{
"name": "CVE-2017-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0465"
},
{
"name": "CVE-2014-9926",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9926"
},
{
"name": "CVE-2017-0589",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0589"
},
{
"name": "CVE-2016-1024",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1024"
},
{
"name": "CVE-2017-0610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0610"
},
{
"name": "CVE-2016-5867",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5867"
},
{
"name": "CVE-2016-5862",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5862"
},
{
"name": "CVE-2014-9952",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9952"
},
{
"name": "CVE-2014-9940",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9940"
},
{
"name": "CVE-2014-9930",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9930"
},
{
"name": "CVE-2015-9007",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9007"
},
{
"name": "CVE-2017-0607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0607"
},
{
"name": "CVE-2014-9950",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9950"
},
{
"name": "CVE-2017-0611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0611"
},
{
"name": "CVE-2014-9948",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9948"
},
{
"name": "CVE-2014-9923",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9923"
},
{
"name": "CVE-2014-9927",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9927"
},
{
"name": "CVE-2014-9924",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9924"
},
{
"name": "CVE-2017-0598",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0598"
},
{
"name": "CVE-2017-0623",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0623"
},
{
"name": "CVE-2017-7184",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7184"
},
{
"name": "CVE-2016-5347",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5347"
},
{
"name": "CVE-2017-0631",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0631"
},
{
"name": "CVE-2017-0635",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0635"
},
{
"name": "CVE-2017-0608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0608"
},
{
"name": "CVE-2017-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0590"
},
{
"name": "CVE-2016-7056",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7056"
},
{
"name": "CVE-2017-0628",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0628"
},
{
"name": "CVE-2016-5131",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5131"
},
{
"name": "CVE-2017-0626",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0626"
},
{
"name": "CVE-2017-0622",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0622"
},
{
"name": "CVE-2014-9942",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9942"
},
{
"name": "CVE-2017-0587",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0587"
}
],
"initial_release_date": "2017-05-02T00:00:00",
"last_revision_date": "2017-05-02T00:00:00",
"links": [],
"reference": "CERTFR-2017-AVI-135",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-05-02T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eGoogle Android (Nexus)\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android (Nexus)",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Android du 01 mai 2017",
"url": "https://source.android.com/security/bulletin/2017-05-01"
}
]
}
CVE-2014-9952 (GCVE-0-2014-9952)
Vulnerability from cvelistv5 – Published: 2017-06-06 14:00 – Updated: 2024-08-06 14:02
VLAI
EPSS
Summary
In the Secure File System in all Android releases from CAF using the Linux kernel, a capture-replay vulnerability could potentially exist.
Severity
No CVSS data available.
CWE
- Capture-Replay Vulnerability in Secure File System
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/98253 | vdb-entryx_refsource_BID |
| https://source.android.com/security/bulletin/2017-05-01 | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | All Qualcomm products |
Affected:
All Android releases from CAF using the Linux kernel
|
Date Public
2017-05-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:02:37.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "98253",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98253"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-05-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "All Qualcomm products",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "All Android releases from CAF using the Linux kernel"
}
]
}
],
"datePublic": "2017-05-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In the Secure File System in all Android releases from CAF using the Linux kernel, a capture-replay vulnerability could potentially exist."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Capture-Replay Vulnerability in Secure File System",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-07T09:57:01.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"name": "98253",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98253"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-05-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2014-9952",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "All Qualcomm products",
"version": {
"version_data": [
{
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Secure File System in all Android releases from CAF using the Linux kernel, a capture-replay vulnerability could potentially exist."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Capture-Replay Vulnerability in Secure File System"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "98253",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98253"
},
{
"name": "https://source.android.com/security/bulletin/2017-05-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-05-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2014-9952",
"datePublished": "2017-06-06T14:00:00.000Z",
"dateReserved": "2017-03-28T00:00:00.000Z",
"dateUpdated": "2024-08-06T14:02:37.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7555 (GCVE-0-2015-7555)
Vulnerability from cvelistv5 – Published: 2016-04-13 15:00 – Updated: 2024-08-06 07:51
VLAI
EPSS
Summary
Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://packetstormsecurity.com/files/135034/gifli… | x_refsource_MISC |
| http://www-01.ibm.com/support/docview.wss?uid=isg… | x_refsource_CONFIRM |
| http://lists.fedoraproject.org/pipermail/package-… | vendor-advisoryx_refsource_FEDORA |
| http://www.securityfocus.com/archive/1/537171/100… | mailing-listx_refsource_BUGTRAQ |
| https://source.android.com/security/bulletin/2017-05-01 | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1035331 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/81697 | vdb-entryx_refsource_BID |
| http://seclists.org/fulldisclosure/2015/Dec/83 | mailing-listx_refsource_FULLDISC |
Date Public
2015-12-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:51:28.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/135034/giflib-5.1.1-Heap-Overflow.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023474"
},
{
"name": "FEDORA-2015-d423b3276f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174876.html"
},
{
"name": "20151221 giflib: heap overflow in giffix (CVE-2015-7555)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/537171/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"name": "1035331",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035331"
},
{
"name": "81697",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/81697"
},
{
"name": "20151221 giflib: heap overflow in giffix (CVE-2015-7555)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2015/Dec/83"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/135034/giflib-5.1.1-Heap-Overflow.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1023474"
},
{
"name": "FEDORA-2015-d423b3276f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174876.html"
},
{
"name": "20151221 giflib: heap overflow in giffix (CVE-2015-7555)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/537171/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"name": "1035331",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035331"
},
{
"name": "81697",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/81697"
},
{
"name": "20151221 giflib: heap overflow in giffix (CVE-2015-7555)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2015/Dec/83"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-7555",
"datePublished": "2016-04-13T15:00:00.000Z",
"dateReserved": "2015-09-29T00:00:00.000Z",
"dateUpdated": "2024-08-06T07:51:28.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-9004 (GCVE-0-2015-9004)
Vulnerability from cvelistv5 – Published: 2017-05-02 21:00 – Updated: 2024-08-06 08:36
VLAI
EPSS
Summary
kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://source.android.com/security/bulletin/2017-05-01 | x_refsource_CONFIRM |
| https://github.com/torvalds/linux/commit/c3c87e77… | x_refsource_CONFIRM |
| http://git.kernel.org/cgit/linux/kernel/git/torva… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/98166 | vdb-entryx_refsource_BID |
Date Public
2015-01-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:36:31.468Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/c3c87e770458aa004bd7ed3f29945ff436fd6511"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c3c87e770458aa004bd7ed3f29945ff436fd6511"
},
{
"name": "98166",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98166"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-05T09:57:01.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/c3c87e770458aa004bd7ed3f29945ff436fd6511"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c3c87e770458aa004bd7ed3f29945ff436fd6511"
},
{
"name": "98166",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98166"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2015-9004",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-05-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"name": "https://github.com/torvalds/linux/commit/c3c87e770458aa004bd7ed3f29945ff436fd6511",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/c3c87e770458aa004bd7ed3f29945ff436fd6511"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c3c87e770458aa004bd7ed3f29945ff436fd6511",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c3c87e770458aa004bd7ed3f29945ff436fd6511"
},
{
"name": "98166",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98166"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2015-9004",
"datePublished": "2017-05-02T21:00:00.000Z",
"dateReserved": "2017-03-28T00:00:00.000Z",
"dateUpdated": "2024-08-06T08:36:31.468Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-9005 (GCVE-0-2015-9005)
Vulnerability from cvelistv5 – Published: 2017-06-06 14:00 – Updated: 2024-08-06 08:36
VLAI
EPSS
Summary
In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist.
Severity
No CVSS data available.
CWE
- Integer Overflow to Buffer Overflow Vulnerability in TrustZone
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://source.android.com/security/bulletin/2017-05-01 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/98322 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | All Qualcomm products |
Affected:
All Android releases from CAF using the Linux kernel
|
Date Public
2017-05-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:36:31.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"name": "98322",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98322"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "All Qualcomm products",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "All Android releases from CAF using the Linux kernel"
}
]
}
],
"datePublic": "2017-05-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer Overflow to Buffer Overflow Vulnerability in TrustZone",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-07T09:57:01.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"name": "98322",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98322"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2015-9005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "All Qualcomm products",
"version": {
"version_data": [
{
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow to Buffer Overflow Vulnerability in TrustZone"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-05-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"name": "98322",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98322"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2015-9005",
"datePublished": "2017-06-06T14:00:00.000Z",
"dateReserved": "2017-03-28T00:00:00.000Z",
"dateUpdated": "2024-08-06T08:36:31.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-9006 (GCVE-0-2015-9006)
Vulnerability from cvelistv5 – Published: 2017-06-06 14:00 – Updated: 2024-08-06 08:36
VLAI
EPSS
Summary
In Resource Power Manager (RPM) in all Android releases from CAF using the Linux kernel, an Improper Access Control vulnerability could potentially exist.
Severity
No CVSS data available.
CWE
- Improper Access Control Vulnerability in Resource Power Manager
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://source.android.com/security/bulletin/2017-05-01 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/98321 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | All Qualcomm products |
Affected:
All Android releases from CAF using the Linux kernel
|
Date Public
2017-05-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:36:31.364Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"name": "98321",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98321"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "All Qualcomm products",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "All Android releases from CAF using the Linux kernel"
}
]
}
],
"datePublic": "2017-05-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In Resource Power Manager (RPM) in all Android releases from CAF using the Linux kernel, an Improper Access Control vulnerability could potentially exist."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Access Control Vulnerability in Resource Power Manager",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-07T09:57:01.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"name": "98321",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98321"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2015-9006",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "All Qualcomm products",
"version": {
"version_data": [
{
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Resource Power Manager (RPM) in all Android releases from CAF using the Linux kernel, an Improper Access Control vulnerability could potentially exist."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control Vulnerability in Resource Power Manager"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-05-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"name": "98321",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98321"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2015-9006",
"datePublished": "2017-06-06T14:00:00.000Z",
"dateReserved": "2017-03-28T00:00:00.000Z",
"dateUpdated": "2024-08-06T08:36:31.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-9007 (GCVE-0-2015-9007)
Vulnerability from cvelistv5 – Published: 2017-06-06 14:00 – Updated: 2024-08-06 08:36
VLAI
EPSS
Summary
In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist.
Severity
No CVSS data available.
CWE
- Double Free Vulnerability in TrustZone
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://source.android.com/security/bulletin/2017-05-01 | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/98324 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | All Qualcomm products |
Affected:
All Android releases from CAF using the Linux kernel
|
Date Public
2017-05-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:36:31.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"name": "98324",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98324"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "All Qualcomm products",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "All Android releases from CAF using the Linux kernel"
}
]
}
],
"datePublic": "2017-05-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Double Free Vulnerability in TrustZone",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-07T09:57:01.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"name": "98324",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98324"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2015-9007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "All Qualcomm products",
"version": {
"version_data": [
{
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Double Free Vulnerability in TrustZone"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-05-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-05-01"
},
{
"name": "98324",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98324"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2015-9007",
"datePublished": "2017-06-06T14:00:00.000Z",
"dateReserved": "2017-03-28T00:00:00.000Z",
"dateUpdated": "2024-08-06T08:36:31.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1024 (GCVE-0-2016-1024)
Vulnerability from cvelistv5 – Published: 2016-04-09 01:00 – Updated: 2024-08-05 22:38
VLAI
EPSS
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/85932 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1035509 | vdb-entryx_refsource_SECTRACK |
| https://helpx.adobe.com/security/products/flash-p… | x_refsource_CONFIRM |
Date Public
2016-04-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:1305",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html"
},
{
"name": "openSUSE-SU-2016:1306",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html"
},
{
"name": "RHSA-2016:0610",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html"
},
{
"name": "85932",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/85932"
},
{
"name": "1035509",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035509"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-07T09:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "SUSE-SU-2016:1305",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html"
},
{
"name": "openSUSE-SU-2016:1306",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html"
},
{
"name": "RHSA-2016:0610",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html"
},
{
"name": "85932",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/85932"
},
{
"name": "1035509",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035509"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:1305",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html"
},
{
"name": "openSUSE-SU-2016:1306",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html"
},
{
"name": "RHSA-2016:0610",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html"
},
{
"name": "85932",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/85932"
},
{
"name": "1035509",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035509"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1024",
"datePublished": "2016-04-09T01:00:00.000Z",
"dateReserved": "2015-12-22T00:00:00.000Z",
"dateUpdated": "2024-08-05T22:38:41.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1027 (GCVE-0-2016-1027)
Vulnerability from cvelistv5 – Published: 2016-04-09 01:00 – Updated: 2024-08-05 22:38
VLAI
EPSS
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/85932 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1035509 | vdb-entryx_refsource_SECTRACK |
| https://helpx.adobe.com/security/products/flash-p… | x_refsource_CONFIRM |
Date Public
2016-04-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.530Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:1305",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html"
},
{
"name": "openSUSE-SU-2016:1306",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html"
},
{
"name": "RHSA-2016:0610",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html"
},
{
"name": "85932",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/85932"
},
{
"name": "1035509",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035509"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-07T09:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "SUSE-SU-2016:1305",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html"
},
{
"name": "openSUSE-SU-2016:1306",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html"
},
{
"name": "RHSA-2016:0610",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html"
},
{
"name": "85932",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/85932"
},
{
"name": "1035509",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035509"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1027",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:1305",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html"
},
{
"name": "openSUSE-SU-2016:1306",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html"
},
{
"name": "RHSA-2016:0610",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html"
},
{
"name": "85932",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/85932"
},
{
"name": "1035509",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035509"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1027",
"datePublished": "2016-04-09T01:00:00.000Z",
"dateReserved": "2015-12-22T00:00:00.000Z",
"dateUpdated": "2024-08-05T22:38:41.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1028 (GCVE-0-2016-1028)
Vulnerability from cvelistv5 – Published: 2016-04-09 01:00 – Updated: 2024-08-05 22:38
VLAI
EPSS
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/85932 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1035509 | vdb-entryx_refsource_SECTRACK |
| https://helpx.adobe.com/security/products/flash-p… | x_refsource_CONFIRM |
Date Public
2016-04-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.600Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:1305",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html"
},
{
"name": "openSUSE-SU-2016:1306",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html"
},
{
"name": "RHSA-2016:0610",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html"
},
{
"name": "85932",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/85932"
},
{
"name": "1035509",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035509"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-07T09:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "SUSE-SU-2016:1305",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html"
},
{
"name": "openSUSE-SU-2016:1306",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html"
},
{
"name": "RHSA-2016:0610",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html"
},
{
"name": "85932",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/85932"
},
{
"name": "1035509",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035509"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1028",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:1305",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html"
},
{
"name": "openSUSE-SU-2016:1306",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html"
},
{
"name": "RHSA-2016:0610",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html"
},
{
"name": "85932",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/85932"
},
{
"name": "1035509",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035509"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1028",
"datePublished": "2016-04-09T01:00:00.000Z",
"dateReserved": "2015-12-22T00:00:00.000Z",
"dateUpdated": "2024-08-05T22:38:41.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-1029 (GCVE-0-2016-1029)
Vulnerability from cvelistv5 – Published: 2016-04-09 01:00 – Updated: 2024-08-05 22:38
VLAI
EPSS
Summary
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1032, and CVE-2016-1033.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| http://rhn.redhat.com/errata/RHSA-2016-0610.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/85932 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1035509 | vdb-entryx_refsource_SECTRACK |
| https://helpx.adobe.com/security/products/flash-p… | x_refsource_CONFIRM |
Date Public
2016-04-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:38:41.645Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2016:1305",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html"
},
{
"name": "openSUSE-SU-2016:1306",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html"
},
{
"name": "RHSA-2016:0610",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html"
},
{
"name": "85932",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/85932"
},
{
"name": "1035509",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035509"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1032, and CVE-2016-1033."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-07T09:57:01.000Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"name": "SUSE-SU-2016:1305",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html"
},
{
"name": "openSUSE-SU-2016:1306",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html"
},
{
"name": "RHSA-2016:0610",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html"
},
{
"name": "85932",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/85932"
},
{
"name": "1035509",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035509"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@adobe.com",
"ID": "CVE-2016-1029",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1027, CVE-2016-1028, CVE-2016-1032, and CVE-2016-1033."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2016:1305",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html"
},
{
"name": "openSUSE-SU-2016:1306",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html"
},
{
"name": "RHSA-2016:0610",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html"
},
{
"name": "85932",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/85932"
},
{
"name": "1035509",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035509"
},
{
"name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html",
"refsource": "CONFIRM",
"url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2016-1029",
"datePublished": "2016-04-09T01:00:00.000Z",
"dateReserved": "2015-12-22T00:00:00.000Z",
"dateUpdated": "2024-08-05T22:38:41.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…