Searching update flash software vulnerabilities

Standalone Macromedia Flash Player 5.0 allows r

undocumented | containing | Standalone | Macromedia | arbitrary | FSCommand | attackers | programs | "save" | allows | Player | remote | files | Flash | save | file | via | SWF |

Standalone Macromedia Flash Player 5.0 allows remote attackers to save arbitrary files and programs via a .SWF file containing the undocumented "save" FSCommand.


Standalone Macromedia Flash Player 5.0 before 5

Macromedia | Standalone | Player | before | Flash |

Standalone Macromedia Flash Player 5.0 before 5,0,30,2 allows remote attackers to execute arbitrary programs via a .SWF file containing the "exec" FSCommand.


Macromedia Flash Player 4.0 r12 through 6.0.47.

Macromedia | through | Player | Flash | r12 |

Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers.


Cross-site scripting (XSS) vulnerability in Mac

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote attackers to insert arbitrary Javascript via the clickTAG field.


Macromedia Flash Player before 7,0,19,0 stores

Macromedia | Player | before | Flash |

Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is accessible to web browsers such as Internet Explorer and Opera, which allows remote attackers to read restricted files via vulnerabilities in web browsers whose exploits rely on predictable names.


Flash Messaging 5.2.0g (rev 1.1.2) and earlier

Messaging | Flash | 520g |

Flash Messaging 5.2.0g (rev 1.1.2) and earlier allows remote attackers to cause a denial of service (application crash) via certain wide characters.


Flash Messaging clients can ignore disconnectin

disconnecting | "shutdown" | Messaging | commands | clients | Server | ignore | Flash | 520g | such | can |

Flash Messaging clients can ignore disconnecting commands such as "shutdown" from the Flash Messaging Server 5.2.0g (rev 1.1.2), which could allow remote attackers to stay connected.


Directory traversal vulnerability in Net2Soft F

vulnerability | attackers | arbitrary | traversal | Directory | Net2Soft | remote | create | Server | allows | Flash | files | read | via | FTP |

Directory traversal vulnerability in Net2Soft Flash FTP Server 1.0 allows remote attackers to read and create arbitrary files via a /.. (slash dot dot).


Macromedia Flash Communication Server MX 1.0 an

Communication | sufficiently | Macromedia | attackers | validate | service | certain | Server | denial | allows | Flash | cause | which | does | RTMP | data | not |

Macromedia Flash Communication Server MX 1.0 and 1.5 does not sufficiently validate certain RTMP data, which allows attackers to cause a denial of service (instability or crash), as demonstrated using an alpha release build of Flash Player 8.5 (build 133).


Multiple unspecified vulnerabilities in Adobe F

vulnerabilities | unspecified | Multiple | Player | Flash | Adobe |

Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.


Eval injection vulnerability in 123 Flash Chat

vulnerability | injection | Eval |

Eval injection vulnerability in 123 Flash Chat Server 5.0 and 5.1 allows attackers to execute arbitrary code via a crafted username.


Multiple buffer overflows in Apple QuickTime be

arbitrary | QuickTime | attackers | overflows | Multiple | execute | crafted | remote | before | buffer | Flash | allow | Apple | code | via |

Multiple buffer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime Flash (SWF) file.


Internet Explorer 6 for Windows XP SP2 and earl

application | re-opening | attackers | Shockwave | malicious | phishing | Explorer | possibly | Internet | changing | location | attacks | trusted | loading | address | earlier | conduct | Windows | remote | window | allows | while | spoof | Flash | still | back | then | bar | SP2 | URL |

Internet Explorer 6 for Windows XP SP2 and earlier allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: this is a different vulnerability than CVE-2006-1192.


Firefox 1.5.0.1 allows remote attackers to spoo

Firefox |

Firefox 1.5.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: a followup was unable to replicate this issue.


Buffer overflow in Adobe Flash Player 8.0.24.0

overflow | Player | Buffer | Flash | Adobe |

Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.


Unspecified vulnerability in Adobe Flash Player

vulnerability | Unspecified | Player | before | Adobe | Flash |

Unspecified vulnerability in Adobe Flash Player before 9.0.16.0 allows user-assisted remote attackers to bypass the allowScriptAccess protection via unspecified vectors.


Flash8b.ocx in Macromedia Flash 8 allows remote

Macromedia | Flash8bocx | attackers | service | denial | allows | remote | Flash | cause |

Flash8b.ocx in Macromedia Flash 8 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the Flash8b.AllowScriptAccess method.


EMC RSA Security SiteKey does not set the secur

qualifier | Security | SiteKey | secure | token | Flash | does | RSA | EMC | set | not |

EMC RSA Security SiteKey does not set the secure qualifier on the SiteKey Flash token (aka the PassMark Flash shared object), which might allow remote attackers to obtain the token via HTTP.


Adobe Macromedia Flash Player 7 and 9, when use

Macromedia | Player | before | Opera | Adobe | Flash | used |

Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before Wednesday, June 13, 2007, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet.


ActionScript 3 (AS3) in Adobe Flash Player 9.0.

ActionScript |

ActionScript 3 (AS3) in Adobe Flash Player 9.0.47.0 allows remote attackers to bypass the Security Sandbox Model, obtain sensitive information, and port scan arbitrary hosts via a Flash (SWF) movie that specifies a connection to make, then uses timing discrepancies from the SecurityErrorEvent error to determine whether a port is open or not.


Software vulnerabilities results 1 to 20 of 220     
Page: 12345...12