{"containers": {"cna": {"affected": [{"product": "Flash Player Desktop Runtime", "vendor": "Adobe", "versions": [{"status": "affected", "version": "32.0.0.114 and earlier"}]}, {"product": "Flash Player for Google Chrome", "vendor": "Adobe", "versions": [{"status": "affected", "version": "32.0.0.114 and earlier"}]}, {"product": "Flash Player for Microsoft Edge and Internet Explorer 11", "vendor": "Adobe", "versions": [{"status": "affected", "version": "32.0.0.114\u202fand earlier"}]}], "descriptions": [{"lang": "en", "value": "Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure."}], "problemTypes": [{"descriptions": [{"description": "Out-of-bounds read", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-05-24T18:41:31", "orgId": "078d4453-3bcd-4900-85e6-15281da43538", "shortName": "adobe"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-06.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@adobe.com", "ID": "CVE-2019-7090", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Flash Player Desktop Runtime", "version": {"version_data": [{"version_value": "32.0.0.114 and earlier"}]}}, {"product_name": "Flash Player for Google Chrome", "version": {"version_data": [{"version_value": "32.0.0.114 and earlier"}]}}, {"product_name": "Flash Player for Microsoft Edge and Internet Explorer 11", "version": {"version_data": [{"version_value": "32.0.0.114\u202fand earlier"}]}}]}, "vendor_name": "Adobe"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Out-of-bounds read"}]}]}, "references": {"reference_data": [{"name": "https://helpx.adobe.com/security/products/flash-player/apsb19-06.html", "refsource": "CONFIRM", "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-06.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T20:38:33.014Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-06.html"}]}]}, "cveMetadata": {"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538", "assignerShortName": "adobe", "cveId": "CVE-2019-7090", "datePublished": "2019-05-24T18:41:31", "dateReserved": "2019-01-28T00:00:00", "dateUpdated": "2024-08-04T20:38:33.014Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "5767326A-B865-469F-A42F-CC921C1E1C3B", "versionEndIncluding": "32.0.0.114", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false}, {"criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79", "vulnerable": false}, {"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "BA4B75F3-7BF8-44D4-87F9-274C4A65DB77", "versionEndIncluding": "32.0.0.114", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E", "vulnerable": false}, {"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:edge:*:*", "matchCriteriaId": "62310714-0959-4175-8D6D-B260543E9B93", "versionEndIncluding": "32.0.0.114", "vulnerable": true}, {"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "matchCriteriaId": "07502A5D-5764-4859-9B6B-E3E9D36BDF6A", "versionEndIncluding": "32.0.0.114", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*", "matchCriteriaId": "FBC814B4-7DEC-4EFC-ABFF-08FFD9FD16AA", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows_8.1:*:*:*:*:*:*:*:*", "matchCriteriaId": "A7F51B5F-AA19-4D31-89FA-6DFAC4BA8F0F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure."}, {"lang": "es", "value": "Las versiones de Flash Player Desktop Runtime 32.0.0.114 y anteriores, Flash Player para versiones de Google Chrome 32.0.0.114 y anteriores, y las versiones de Flash Player para Microsoft Edge e Internet Explorer 11 32.0.0.114 y anteriores tienen una vulnerabilidad de lectura fuera de l\u00edmites. Su explotaci\u00f3n exitosa podr\u00eda llevar a la divulgaci\u00f3n de informaci\u00f3n."}], "id": "CVE-2019-7090", "lastModified": "2024-11-21T04:47:32.540", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-05-24T19:29:02.783", "references": [{"source": "psirt@adobe.com", "tags": ["Vendor Advisory"], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-06.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://helpx.adobe.com/security/products/flash-player/apsb19-06.html"}], "sourceIdentifier": "psirt@adobe.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2019:0348", "cpe": "cpe:/a:redhat:rhel_extras:6", "package": "flash-plugin-0:32.0.0.142-1.el6_10", "product_name": "Red Hat Enterprise Linux 6 Supplementary", "release_date": "2019-02-14T00:00:00Z"}], "bugzilla": {"description": "flash-plugin: Information Disclosure vulnerability (APSB19-06)", "id": "1676575", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1676575"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "status": "verified"}, "details": ["Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Player for Google Chrome versions 32.0.0.114 and earlier, and Flash Player for Microsoft Edge and Internet Explorer 11 versions 32.0.0.114 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure."], "name": "CVE-2019-7090", "public_date": "2019-02-12T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-7090\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-7090\nhttps://helpx.adobe.com/security/products/flash-player/apsb19-06.html"], "threat_severity": "Important", "upstream_fix": "flash-plugin 32.0.0.142"}