For example authorised users using an older browser with Adobe Flash are vulnerable when targeted by an attacker. It was found that the AMQ Online console is vulnerable to a Cross-Site Request Forgery (CSRF) which is exploitable in cases where preflight checks are not instigated or bypassed. Successful exploitation could lead to arbitrary code execution. Successful exploitation could lead to arbitrary code execution.Īdobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. Exploitation of this issue requires an attacker to insert malicious strings in an HTTP response that is by default delivered over TLS/SSL.Īdobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0.0.371 and earlier, and Adobe Flash Player for Microsoft Edge and Internet Explorer 32.0.0.330 and earlier have an use after free vulnerability.
Adobe Flash Player version 32.0.0.433 (and earlier) are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution.
