Flash Player

flash_player

Vendor: Macromedia • 42 CVEs

CVEs (42)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2010-2167 2Adobe Macromedia 3Air Flash PlayerFlash Player Apr 29, 2026 Jun 15, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple heap-based buffer overflows in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to...Show more Multiple heap-based buffer overflows in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to malformed (1) GIF or (2) JPEG data.Show less
CVE-2010-2166 2Adobe Macromedia 3Air Flash PlayerFlash Player Apr 29, 2026 Jun 15, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vecto...Show more Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.Show less
CVE-2010-2165 2Adobe Macromedia 3Air Flash PlayerFlash Player Apr 29, 2026 Jun 15, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vecto...Show more Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.Show less
CVE-2010-2164 2Adobe Macromedia 3Air Flash PlayerFlash Player Apr 29, 2026 Jun 15, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to an unsp...Show more Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to an unspecified "image type within a certain function."Show less
CVE-2010-2163 2Adobe Macromedia 3Air Flash PlayerFlash Player Apr 29, 2026 Jun 15, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Multiple unspecified vulnerabilities in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unknown vectors.
CVE-2010-2162 2Adobe Macromedia 3Air Flash PlayerFlash Player Apr 29, 2026 Jun 15, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors rela...Show more Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors related to improper length calculation and the (1) STSC, (2) STSZ, and (3) STCO atoms.Show less
CVE-2010-2161 2Adobe Macromedia 3Air Flash PlayerFlash Player Apr 29, 2026 Jun 15, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Array index error in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified "types of Adobe Flash code."
CVE-2010-2160 2Adobe Macromedia 3Air Flash PlayerFlash Player Apr 29, 2026 Jun 15, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an invalid offset...Show more Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an invalid offset in an unspecified undocumented opcode in ActionScript Virtual Machine 2, related to getouterscope, a different vulnerability than CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.Show less
CVE-2009-3793 2Adobe Macromedia 3Air Flash PlayerFlash Player Apr 29, 2026 Jun 15, 2010 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory consumption) or possibly execute arbitr...Show more Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory consumption) or possibly execute arbitrary code via unknown vectors.Show less
CVE-2006-6827 1Macromedia 1Flash Player Apr 23, 2026 Dec 31, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Flash8b.ocx in Macromedia Flash 8 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long string in the Flash8b.AllowScriptAccess method.
CVE-2006-0024 1Macromedia 1Flash Player Apr 16, 2026 Mar 15, 2006 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.
CVE-2005-3591 1Macromedia 1Flash Player Apr 16, 2026 Nov 16, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and earlier and (2) libflashplayer.so before 7.0.25.0 (Unix) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via p...Show more Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and earlier and (2) libflashplayer.so before 7.0.25.0 (Unix) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via parameters to the ActionDefineFunction ActionScript call in a SWF file, which causes an improper memory access condition, a different vulnerability than CVE-2005-2628.Show less
CVE-2005-2628 1Macromedia 1Flash Player Apr 16, 2026 Nov 5, 2005 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer.
CVE-2003-1017 1Macromedia 2Director Flash Player Apr 16, 2026 Jan 5, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is accessible to web browsers such as Internet Explorer and Opera, which allows remote attackers to read restricted files vi...Show more Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is accessible to web browsers such as Internet Explorer and Opera, which allows remote attackers to read restricted files via vulnerabilities in web browsers whose exploits rely on predictable names.Show less
CVE-2002-1467 1Macromedia 2Flash Player Shockwave Apr 16, 2026 Apr 22, 2003 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from...Show more Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restriction and read arbitrary files via (1) an HTTP redirect, (2) a "file://" base in a web document, or (3) a relative URL from a web archive (mht file).Show less
CVE-2002-1534 1Macromedia 1Flash Player Apr 16, 2026 Mar 31, 2003 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf file that is hosted on a remote SMB share.
CVE-2002-1881 1Macromedia 1Flash Player Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the b...Show more Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers.Show less
CVE-2002-1625 1Macromedia 1Flash Player Apr 16, 2026 Dec 31, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Macromedia Flash Player 6 does not terminate connections when the user leaves the web page, which allows remote attackers to cause a denial of service (bandwidth, resource, and CPU consumption) via the (1) loadMovie or (...Show more Macromedia Flash Player 6 does not terminate connections when the user leaves the web page, which allows remote attackers to cause a denial of service (bandwidth, resource, and CPU consumption) via the (1) loadMovie or (2) loadSound commands, which continue to execute until the browser is closed.Show less
CVE-2002-1382 1Macromedia 1Flash Player Apr 16, 2026 Dec 23, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Macromedia Flash Player before 6.0.65.0 allows remote attackers to execute arbitrary code via certain malformed data headers in Shockwave Flash file format (SWF) files, a different issue than CAN-2002-0846.
CVE-2002-0477 1Macromedia 1Flash Player Apr 16, 2026 Aug 12, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Standalone Macromedia Flash Player 5.0 before 5,0,30,2 allows remote attackers to execute arbitrary programs via a .SWF file containing the "exec" FSCommand.

Previous 123 Next