» 2017 » 12월

CVE-2017-11215

Posted on 2017년 12월 9일2017년 12월 9일 by admin

CVE-2017-11215

An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK. The mismatch between an old and a new object can provide an attacker with unintended memory access — potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitation could lead to arbitrary code execution.

Source: CVE-2017-11215

CVE-2017-11297

Posted on 2017년 12월 9일2017년 12월 9일 by admin

CVE-2017-11297

An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. An exploitable memory corruption vulnerability exists, which could lead to disclosure of memory addresses.

Source: CVE-2017-11297

CVE-2017-11225

Posted on 2017년 12월 9일2017년 12월 9일 by admin

CVE-2017-11225

An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the Primetime SDK metadata functionality. The mismatch between an old and a new object can provide an attacker with unintended memory access — potentially leading to code corruption, control-flow hijack, or an information leak attack. Successful exploitation could lead to arbitrary code execution.

Source: CVE-2017-11225

CVE-2017-11288

Posted on 2017년 12월 9일2017년 12월 9일 by admin

CVE-2017-11288

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure.

Source: CVE-2017-11288

CVE-2017-11287

Posted on 2017년 12월 9일2017년 12월 9일 by admin

CVE-2017-11287

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure.

Source: CVE-2017-11287

CVE-2017-11290

Posted on 2017년 12월 9일2017년 12월 9일 by admin

CVE-2017-11290

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A UI Redress (or Clickjacking) vulnerability exists. This issue has been resolved by adding a feature that enables Connect administrators to protect users from UI redressing (or clickjacking) attacks.

Source: CVE-2017-11290

CVE-2017-11289

Posted on 2017년 12월 9일2017년 12월 9일 by admin

CVE-2017-11289

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A reflected cross-site scripting vulnerability exists that can result in information disclosure.

Source: CVE-2017-11289

CVE-2017-11293

Posted on 2017년 12월 9일2017년 12월 9일 by admin

CVE-2017-11293

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution.

Source: CVE-2017-11293

CVE-2017-11291

Posted on 2017년 12월 9일2017년 12월 9일 by admin

CVE-2017-11291

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request Forgery (SSRF) vulnerability exists that could be abused to bypass network access controls.

Source: CVE-2017-11291

CVE-2017-11294

Posted on 2017년 12월 9일2017년 12월 9일 by admin

CVE-2017-11294

An issue was discovered in Adobe Shockwave 12.2.9.199 and earlier. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution.

Source: CVE-2017-11294