flashplugin

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Adobe Flash Player NPAPI
Version 28.0.0.161-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-492 27.0.0.183-1 27.0.0.187-1 Critical Fixed
AVG-449 27.0.0.159-1 27.0.0.170-1 Critical Fixed
AVG-398 26.0.0.151-1 27.0.0.130-1 Critical Fixed
AVG-373 26.0.0.137-1 26.0.0.151-1 Critical Fixed
AVG-344 26.0.0.131-2 26.0.0.137-1 Critical Fixed
AVG-297 25.0.0.171-1 26.0.0.126-1 Critical Fixed
AVG-265 25.0.0.148-1 25.0.0.171-1 Critical Fixed
AVG-208 24.0.0.221-1 25.0.0.127-1 Critical Fixed
AVG-176 24.0.0.194-1 24.0.0.221-1 Critical Fixed
AVG-135 24.0.0.186-1 24.0.0.194-1 Critical Fixed
AVG-107 11.2.202.644-1 24.0.0.186-1 Critical Fixed
AVG-52 11.2.202.637-1 11.2.202.643-1 Critical Fixed
Issue Group Severity Remote Type Description
CVE-2017-3114 AVG-492 Critical Yes Arbitrary code execution
An out-of-bounds access vulnerability has been discovered in flashplugin before 27.0.0.187 leading to arbitrary code execution when playing a specially...
CVE-2017-3112 AVG-492 Critical Yes Arbitrary code execution
An out-of-bounds access vulnerability has been discovered in flashplugin before 27.0.0.187 leading to arbitrary code execution when playing a specially...
CVE-2017-3106 AVG-373 Critical Yes Arbitrary code execution
A type confusion issue has been found in Adobe Flash player < 26.0.0.151, leading to remote code execution.
CVE-2017-3100 AVG-344 Medium Yes Information disclosure
A memory corruption vulnerability leading to the disclosure of a memory address has been found in Adobe Flash Player < 26.0.0.137. It could be used to...
CVE-2017-3099 AVG-344 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.137.
CVE-2017-3085 AVG-373 High Yes Information disclosure
An information disclosure flaw has been found in Adobe Flash player < 26.0.0.151.
CVE-2017-3084 AVG-297 Critical Yes Arbitrary code execution
A use-after-free vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126.
CVE-2017-3083 AVG-297 Critical Yes Arbitrary code execution
A use-after-free vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126.
CVE-2017-3082 AVG-297 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126.
CVE-2017-3081 AVG-297 Critical Yes Arbitrary code execution
A use-after-free vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126.
CVE-2017-3080 AVG-344 Medium Yes Information disclosure
A security issue leading to information disclosure has been found in Adobe Flash Player < 26.0.0.137.
CVE-2017-3079 AVG-297 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126.
CVE-2017-3078 AVG-297 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126.
CVE-2017-3077 AVG-297 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126.
CVE-2017-3076 AVG-297 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126.
CVE-2017-3075 AVG-297 Critical Yes Arbitrary code execution
A use-after-free vulnerability leading to remote code execution has been found in Adobe Flash Player < 26.0.0.126.
CVE-2017-3074 AVG-265 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to code execution has been found in the Graphics class of Adobe Flash Player < 25.0.0.171.
CVE-2017-3073 AVG-265 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to code execution has been found in Adobe Flash Player < 25.0.0.171, when handling multiple mask properties of...
CVE-2017-3072 AVG-265 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to code execution has been found in the BitmapData class of Adobe Flash Player < 25.0.0.171.
CVE-2017-3071 AVG-265 Critical Yes Arbitrary code execution
A use-after-free vulnerability that could lead to code execution has been found in Adobe Flash Player < 25.0.0.171, when masking display object.
CVE-2017-3070 AVG-265 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to code execution has been found in the ConvolutionFilter class of Adobe Flash Player < 25.0.0.171.
CVE-2017-3069 AVG-265 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to code execution has been found in the BlendMode class of Adobe Flash Player < 25.0.0.171.
CVE-2017-3068 AVG-265 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to code execution has been found in the Advanced Video Coding engine of Adobe Flash Player < 25.0.0.171.
CVE-2017-3003 AVG-208 Critical Yes Arbitrary code execution
A use-after-free vulnerability that could lead to code execution has been found in Adobe Flash Player <= 24.0.0.221.
CVE-2017-3002 AVG-208 Critical Yes Arbitrary code execution
A use-after-free vulnerability that could lead to code execution has been found in Adobe Flash Player <= 24.0.0.221.
CVE-2017-3001 AVG-208 Critical Yes Arbitrary code execution
A use-after-free vulnerability that could lead to code execution has been found in Adobe Flash Player <= 24.0.0.221.
CVE-2017-3000 AVG-208 High Yes Information disclosure
A random number generator vulnerability used for constant blinding that could lead to information disclosure has been found in Adobe Flash Player <= 24.0.0.221.
CVE-2017-2999 AVG-208 Critical Yes Arbitrary code execution
A memory corruption vulnerability that could lead to code execution has been found in Adobe Flash Player <= 24.0.0.221.
CVE-2017-2998 AVG-208 Critical Yes Arbitrary code execution
A memory corruption vulnerability that could lead to code execution has been found in Adobe Flash Player <= 24.0.0.221.
CVE-2017-2997 AVG-208 Critical Yes Arbitrary code execution
A buffer overflow vulnerability that could lead to code execution has been found in Adobe Flash Player <= 24.0.0.221.
CVE-2017-2996 AVG-176 Critical Yes Arbitrary code execution
A memory corruption vulnerability possibly leading to code execution has been found in Adobe Flash Player < 24.0.0.221.
CVE-2017-2995 AVG-176 Critical Yes Arbitrary code execution
A type confusion vulnerability possibly leading to code execution has been found in Adobe Flash Player < 24.0.0.221.
CVE-2017-2994 AVG-176 Critical Yes Arbitrary code execution
A use-after-free vulnerability possibly leading to code execution has been found in Adobe Flash Player < 24.0.0.221.
CVE-2017-2993 AVG-176 Critical Yes Arbitrary code execution
A use-after-free vulnerability possibly leading to code execution has been found in Adobe Flash Player < 24.0.0.221.
CVE-2017-2992 AVG-176 Critical Yes Arbitrary code execution
A heap-based buffer overflow vulnerability possibly leading to code execution has been found in Adobe Flash Player < 24.0.0.221.
CVE-2017-2991 AVG-176 Critical Yes Arbitrary code execution
A memory corruption vulnerability possibly leading to code execution has been found in Adobe Flash Player < 24.0.0.221.
CVE-2017-2990 AVG-176 Critical Yes Arbitrary code execution
A memory corruption vulnerability possibly leading to code execution has been found in Adobe Flash Player < 24.0.0.221.
CVE-2017-2988 AVG-176 Critical Yes Arbitrary code execution
A memory corruption vulnerability possibly leading to code execution has been found in Adobe Flash Player < 24.0.0.221.
CVE-2017-2987 AVG-176 Critical Yes Arbitrary code execution
An integer overflow vulnerability possibly leading to code execution has been found in Adobe Flash Player < 24.0.0.221.
CVE-2017-2986 AVG-176 Critical Yes Arbitrary code execution
A heap-based buffer overflow vulnerability possibly leading to code execution has been found in Adobe Flash Player < 24.0.0.221.
CVE-2017-2985 AVG-176 Critical Yes Arbitrary code execution
A use-after-free vulnerability possibly leading to code execution has been found in Adobe Flash Player < 24.0.0.221.
CVE-2017-2984 AVG-176 Critical Yes Arbitrary code execution
A heap-based buffer overflow vulnerability possibly leading to code execution has been found in Adobe Flash Player < 24.0.0.221.
CVE-2017-2982 AVG-176 Critical Yes Arbitrary code execution
A use-after-free vulnerability possibly leading to code execution has been found in Adobe Flash Player < 24.0.0.221.
CVE-2017-2938 AVG-135 High Yes Information disclosure
Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related to handling TCP connections.
CVE-2017-2937 AVG-135 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class, when using...
CVE-2017-2936 AVG-135 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript FileReference class.
CVE-2017-2935 AVG-135 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing the Flash Video container file format.
CVE-2017-2934 AVG-135 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when parsing Adobe Texture Format files.
CVE-2017-2933 AVG-135 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability related to texture compression.
CVE-2017-2932 AVG-135 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript MovieClip class.
CVE-2017-2931 AVG-135 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to the parsing of SWF metadata.
CVE-2017-2930 AVG-135 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability due to a concurrency error when manipulating a...
CVE-2017-2928 AVG-135 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects.
CVE-2017-2927 AVG-135 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing Adobe Texture Format files.
CVE-2017-2926 AVG-135 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to processing of atoms in MP4 files.
CVE-2017-2925 AVG-135 Critical Yes Arbitrary code execution
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability in the JPEG XR codec.
CVE-2017-11292 AVG-449 Critical Yes Arbitrary code execution
A type confusion vulnerability has been found in Adobe Flash Player <= 27.0.0.159, leading to arbitrary code execution.
CVE-2017-11282 AVG-398 Critical Yes Arbitrary code execution
A memory corruption issue has been found in Adobe Flash player version 26.0.0.151 and earlier, leading to remote code execution.
CVE-2017-11281 AVG-398 Critical Yes Arbitrary code execution
A memory corruption issue has been found in Adobe Flash player version 26.0.0.151 and earlier, leading to remote code execution.
CVE-2017-11225 AVG-492 Critical Yes Arbitrary code execution
An use after free vulnerability has been discovered in flashplugin before 27.0.0.187 leading to arbitrary code execution when playing a specially crafted SWF file.
CVE-2017-11215 AVG-492 Critical Yes Arbitrary code execution
An use after free vulnerability has been discovered in flashplugin before 27.0.0.187 leading to arbitrary code execution when playing a specially crafted SWF file.
CVE-2017-11213 AVG-492 Critical Yes Arbitrary code execution
An out-of-bounds access vulnerability has been discovered in flashplugin before 27.0.0.187 leading to arbitrary code execution when playing a specially...
CVE-2016-7892 AVG-107 Critical Yes Arbitrary code execution
A use-after-free vulnerability leading to code execution has been found in Adobe Flash Player < 24.0.0.186.
CVE-2016-7890 AVG-107 High Yes Access restriction bypass
A security bypass vulnerability has been found in Adobe Flash Player < 24.0.0.186.
CVE-2016-7881 AVG-107 Critical Yes Arbitrary code execution
A use-after-free vulnerability leading to code execution has been found in Adobe Flash Player < 24.0.0.186.
CVE-2016-7880 AVG-107 Critical Yes Arbitrary code execution
A use-after-free vulnerability leading to code execution has been found in Adobe Flash Player < 24.0.0.186.
CVE-2016-7879 AVG-107 Critical Yes Arbitrary code execution
A use-after-free vulnerability leading to code execution has been found in Adobe Flash Player < 24.0.0.186.
CVE-2016-7878 AVG-107 Critical Yes Arbitrary code execution
A use-after-free vulnerability leading to code execution has been found in Adobe Flash Player < 24.0.0.186.
CVE-2016-7877 AVG-107 Critical Yes Arbitrary code execution
A use-after-free vulnerability leading to code execution has been found in Adobe Flash Player < 24.0.0.186.
CVE-2016-7876 AVG-107 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to code execution has been found in Adobe Flash Player < 24.0.0.186.
CVE-2016-7875 AVG-107 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to code execution has been found in Adobe Flash Player < 24.0.0.186.
CVE-2016-7874 AVG-107 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to code execution has been found in Adobe Flash Player < 24.0.0.186.
CVE-2016-7873 AVG-107 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to code execution has been found in Adobe Flash Player < 24.0.0.186.
CVE-2016-7872 AVG-107 Critical Yes Arbitrary code execution
A use-after-free vulnerability leading to code execution has been found in Adobe Flash Player < 24.0.0.186.
CVE-2016-7871 AVG-107 Critical Yes Arbitrary code execution
A memory corruption vulnerability leading to code execution has been found in Adobe Flash Player < 24.0.0.186.
CVE-2016-7870 AVG-107 Critical Yes Arbitrary code execution
A buffer overflow vulnerability leading to code execution has been found in Adobe Flash Player < 24.0.0.186.
CVE-2016-7869 AVG-107 Critical Yes Arbitrary code execution
A buffer overflow vulnerability leading to code execution has been found in Adobe Flash Player < 24.0.0.186.
CVE-2016-7868 AVG-107 Critical Yes Arbitrary code execution
A buffer overflow vulnerability leading to code execution has been found in Adobe Flash Player < 24.0.0.186.
CVE-2016-7867 AVG-107 Critical Yes Arbitrary code execution
A buffer overflow vulnerability leading to code execution has been found in Adobe Flash Player < 24.0.0.186.
CVE-2016-7855 AVG-52 Critical Yes Arbitrary code execution
A use-after-free vulnerability leading to code execution has been found in Adobe Flash Player.

Advisories

Date Advisory Group Severity Description
15 Nov 2017 ASA-201711-21 AVG-492 Critical arbitrary code execution
16 Oct 2017 ASA-201710-20 AVG-449 Critical arbitrary code execution
13 Sep 2017 ASA-201709-6 AVG-398 Critical arbitrary code execution
10 Aug 2017 ASA-201708-2 AVG-373 Critical multiple issues
11 Jul 2017 ASA-201707-10 AVG-344 Critical multiple issues
14 Jun 2017 ASA-201706-14 AVG-297 Critical arbitrary code execution
09 May 2017 ASA-201705-8 AVG-265 Critical arbitrary code execution
15 Mar 2017 ASA-201703-11 AVG-208 Critical multiple issues
17 Feb 2017 ASA-201702-15 AVG-176 Critical arbitrary code execution
12 Jan 2017 ASA-201701-16 AVG-135 Critical multiple issues
15 Dec 2016 ASA-201612-16 AVG-107 Critical multiple issues
26 Oct 2016 ASA-201610-18 AVG-52 Critical arbitrary code execution