New issue
Advanced search Search tips
ListGrid
Loading...
  ID Type  Status  Priority  Milestone  Owner  Summary + Labels ...
  247 ---- Fixed ---- ---- mjurczyk@google.com Adobe Reader CoolType out-of-bounds reads from the input CharString stream CCProjectZeroMembers  
  276 ---- Fixed ---- ---- cevans@google.com Flash: not great ASLR for the Flash heap on Win7 64-bit CCProjectZeroMembers  
  336 ---- Fixed ---- ---- cevans@google.com Adobe Flash: Type Confusion in NetConnection with __proto__ CCProjectZeroMembers  
  337 ---- Fixed ---- ---- cevans@google.com FileReferenceList.browse does not check that fileList is a ScriptObject CCProjectZeroMembers  
  338 ---- Fixed ---- ---- cevans@google.com Adobe Flash: Type Confusion in SharedObject.data CCProjectZeroMembers  
  342 ---- Fixed ---- ---- cevans@google.com Flash AS2 Use After Free while setting TextField.filters CCProjectZeroMembers  
  344 ---- Fixed ---- ---- cevans@google.com Adobe Flash: SharedObject Destructor Sets data to Normal Type CCProjectZeroMembers  
  349 ---- Fixed ---- ---- cevans@google.com Flash: use-after-free in display list handling from KEEN Team, round 2 CCProjectZeroMembers  
  350 ---- Fixed ---- ---- mjurczyk@google.com Adobe Flash bad free condition CCProjectZeroMembers  
  354 ---- Fixed ---- ---- cevans@google.com Flash: Boundless Tunes - universal SOP bypass through ActionSctipt's Sound object CCProjectZeroMembers  
  356 ---- Fixed ---- ---- cevans@google.com Use-after-free when setting internal boolean CCProjectZeroMembers  
  357 ---- Fixed ---- ---- cevans@google.com Adobe Flash: Use-after-free when setting internal number CCProjectZeroMembers  
  366 ---- Fixed ---- ---- cevans@google.com Adobe Flash: Use-after-free when printing XML Attributes CCProjectZeroMembers  
  367 ---- Fixed ---- ---- cevans@google.com Flash UAF with Color.setRGB in AS2 CCProjectZeroMembers  
  371 ---- Fixed ---- ---- cevans@google.com Adobe Flash: Use-after-free in Array.push CCProjectZeroMembers  
  372 ---- Fixed ---- ---- cevans@google.com Adobe Flash: Use-after-free in Array.unshift CCProjectZeroMembers  
  374 ---- Fixed ---- ---- cevans@google.com Adobe Flash: Array.sort can go out of bounds CCProjectZeroMembers  
  378 ---- Fixed ---- ---- cevans@google.com Flash: out-of-bounds read in UTF conversion CCProjectZeroMembers  
  381 ---- Fixed ---- ---- cevans@google.com Adobe Flash: Use-after-free in tabIndex setter CCProjectZeroMembers  
  388 ---- Fixed ---- ---- cevans@google.com Adobe Flash: Use-after-free in Drawing Methods this CCProjectZeroMembers  
  389 ---- Fixed ---- ---- cevans@google.com Adobe Flash: Use-after-free when calling setMask CCProjectZeroMembers  
  410 ---- Fixed ---- ---- hawkes@google.com Adobe Flash URL Resource Use-after-free CCProjectZeroMembers  
  421 ---- Fixed ---- ---- cevans@google.com Adobe Flash: NetConnection Constructor needs Normal Check CCProjectZeroMembers  
  425 ---- Fixed ---- ---- cevans@google.com Flash: heap-based buffer overflow loading FLV file with Nellymoser audio codec CCProjectZeroMembers  
  426 ---- Fixed ---- ---- cevans@google.com Flash: heap-based buffer overflow due to indexing error when loading FLV file CCProjectZeroMembers  
  472 ---- Fixed ---- ---- cevans@google.com Adobe Flash: Use-after-free in ByteArray Operator[] CCProjectZeroMembers