VYPR

Air

by Adobe Inc.

CVEs (588)

  • CVE-2009-0522Feb 26, 2009
    risk 0.00cvss epss 0.03

    Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Windows allows remote attackers to trick a user into visiting an arbitrary URL via an unspecified manipulation of the "mouse pointer display," related to a "Clickjacking attack."

  • CVE-2009-0114Feb 26, 2009
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking…

  • CVE-2008-5363Dec 8, 2008
    risk 0.00cvss epss 0.04

    The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, does not validate character elements during retrieval from the dictionary data structure, which allows remote attackers to cause a denial of…

  • CVE-2008-5362Dec 8, 2008
    risk 0.00cvss epss 0.04

    The DefineConstantPool action in the ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, accepts an untrusted input value for a "constant count," which allows remote attackers to read sensitive data from…

  • CVE-2008-5361Dec 8, 2008
    risk 0.00cvss epss 0.04

    The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, does not verify a member element's size when performing (1) DefineConstantPool, (2) ActionJump, (3) ActionPush, (4) ActionTry, and unspecified…

  • CVE-2008-5108Nov 17, 2008
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in Adobe AIR 1.1 and earlier allows context-dependent attackers to execute untrusted JavaScript in an AIR application via unknown attack vectors.

  • CVE-2008-1655Apr 9, 2008
    risk 0.00cvss epss 0.05

    Unspecified vulnerability in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, makes it easier for remote attackers to conduct DNS rebinding attacks via unknown vectors.

  • CVE-2007-3640Jul 10, 2007
    risk 0.00cvss epss 0.03

    Adobe Integrated Runtime (AIR, aka Apollo) allows context-dependent attackers to modify arbitrary files within an executing .air file (compiled AIR application) and perform cross-site scripting (XSS) attacks, as demonstrated by an application that modifies an HTML file inside…

Page 30 of 30