Adobe Flash Player versions 18.104.22.168 and previous versions have a security bypass vulnerability that leads to information disclosure when performing URL redirect.
CVE-Study CVE id CVSS Type CVE-2017-12762 100 BOF CVE-2017-0561 100 - CVE-2017-11176 100 UAF CVE-2017-8890 100 CVE-2017-7895 100 CVE-2017-3106 93 CVE-2017-3064 93 CVE-2017-0430 93 CVE-2017-0429 93 CVE-2017-0428 93 CVE-2017-0427 93 CVE-2017-0528 93 CVE-2017-0510 93 CVE-2017-0508 93 CVE-2017-0507 93 CVE-2017-0455 93
Earlier this week, Adobe patched a vulnerability in Flash Player that allows an attacker to use malicious Flash files to leak Windows credentials.
The security issue is tracked under the CVE-2017-3085 identifier and affects Flash Player versions from 22.214.171.124 up to 126.96.36.199, running on Windows XP, Vista, 7, 8.x, and 10.
The vulnerability was discovered by Dutch security researcher Björn Ruytenberg and is a variation of an older flaw tracked as CVE-2016-4271, which Adobe patched ...
One of the patches included in Tuesday’s Adobe Flash Player update was a do-over after the researcher who privately reported the problem earlier this year discovered the original patch incompletely resolved the issue.
Dutch researcher Bjorn Ruytenberg disclosed details after Adobe updated the soon-to-be deprecated Flash Player on Tuesday to version 26. Flash Player 23, released close to a year ago, closed off a local sandbox escape, but Ruytenberg found the update failed to address the v...
Update IE, Edge, Windows, SQL Server, Office and – of course – Flash
Patch Tuesday Microsoft has released the August edition of its Patch Tuesday update to address security holes in multiple products. Folks are urged to install the fixes as soon as possible before they are exploited.
Among the flaws are remote code execution holes in Windows, Internet Explorer/Edge and Flash Player, plus a guest escape in Hyper-V. Of the 48 patches issued by Redmond, 25 are rated as critical security risks.
Those 25 critical issues include a remote code execution vuln...
Adobe today pushed out its first Flash Player update since announcing two weeks ago that it would stop distributing and updating the software in 2020.
Flash has been at the center of many targeted attacks and exploit kit activity, and despite numerous improvements to the product including sandboxing and attempts to kill off entire classes of vulnerabilities, many security conscious users will soon have their way with Flash going end-of-life.
Today, as part of its regular Patch Tuesd...