» 2016 » 6월

CVE-2016-4123 (flash_player, flash_player_for_linux)

Posted on 2016년 6월 16일2016년 6월 18일 by admin

CVE-2016-4123 (flash_player, flash_player_for_linux)

Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083.

Source: CVE-2016-4123 (flash_player, flash_player_for_linux)

CVE-2016-4123

Posted on 2016년 6월 16일2016년 6월 17일 by admin

CVE-2016-4123

Source: CVE-2016-4123

CVE-2016-4122 (flash_player, flash_player_for_linux)

Posted on 2016년 6월 16일2016년 6월 18일 by admin

CVE-2016-4122 (flash_player, flash_player_for_linux)

Source: CVE-2016-4122 (flash_player, flash_player_for_linux)

CVE-2016-4122

Posted on 2016년 6월 16일2016년 6월 17일 by admin

CVE-2016-4122

Source: CVE-2016-4122

CVE-2016-4121

Posted on 2016년 6월 16일2016년 6월 17일 by admin

CVE-2016-4121

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1097, CVE-2016-1106, CVE-2016-1107, CVE-2016-1108, CVE-2016-1109, CVE-2016-1110, CVE-2016-4108, and CVE-2016-4110.

Source: CVE-2016-4121

CVE-2016-4120 (air_desktop_runtime, air_sdk, air_sdk_&_compiler, flash_player)

Posted on 2016년 6월 16일2016년 6월 18일 by admin

CVE-2016-4120 (air_desktop_runtime, air_sdk, air_sdk_&_compiler, flash_player)

Adobe Flash Player before 18.0.0.352 and 19.x through 21.x before 21.0.0.242 on Windows and OS X and before 11.2.202.621 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1096, CVE-2016-1098, CVE-2016-1099, CVE-2016-1100, CVE-2016-1102, CVE-2016-1104, CVE-2016-4109, CVE-2016-4111, CVE-2016-4112, CVE-2016-4113, CVE-2016-4114, CVE-2016-4115, CVE-2016-4160, CVE-2016-4161, CVE-2016-4162, and CVE-2016-4163.

Source: CVE-2016-4120 (air_desktop_runtime, air_sdk, air_sdk_&_compiler, flash_player)

CVE-2016-4120

Posted on 2016년 6월 16일2016년 6월 17일 by admin

CVE-2016-4120

Source: CVE-2016-4120

CVE-2016-3236 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_vista)

Posted on 2016년 6월 16일2016년 6월 17일 by admin

CVE-2016-3236 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_vista)

The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles proxy discovery, which allows remote attackers to redirect network traffic via unspecified vectors, aka "Windows WPAD Proxy Discovery Elevation of Privilege Vulnerability."

Source: CVE-2016-3236 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_vista)

CVE-2016-3236

Posted on 2016년 6월 16일2016년 6월 16일 by admin

CVE-2016-3236

Source: CVE-2016-3236

CVE-2016-3234 (office, office_compatibility_pack, office_web_apps, sharepoint_server, word, word_viewer)

Posted on 2016년 6월 16일2016년 6월 18일 by admin

CVE-2016-3234 (office, office_compatibility_pack, office_web_apps, sharepoint_server, word, word_viewer)

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to obtain sensitive information from process memory via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability."

Source: CVE-2016-3234 (office, office_compatibility_pack, office_web_apps, sharepoint_server, word, word_viewer)