Lucene search

[email protected]CVE-2015-0308

HistoryJan 13, 2015 - 11:59 p.m.

CVE-2015-0308

2015-01-1323:59:06

[email protected]

web.nvd.nist.gov

cve-2015-0308

use-after-free

adobe flash player

vulnerability

arbitrary code execution

nvd

7.4 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.032 Low

EPSS

Percentile

91.2%

JSON

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors.

Affected configurations

NVD

Node

adobeadobe_airRange≤15.0.0.356android

Node

adobeadobe_airRange≤15.0.0.356

AND

applemac_os_x

microsoftwindows

Node

adobeflash_playerRange≤13.0.0.259

adobeflash_playerMatch14.0.0.125

adobeflash_playerMatch14.0.0.145

adobeflash_playerMatch14.0.0.176

adobeflash_playerMatch14.0.0.179

adobeflash_playerMatch15.0.0.144

adobeflash_playerMatch15.0.0.152

adobeflash_playerMatch15.0.0.167

adobeflash_playerMatch15.0.0.189

adobeflash_playerMatch15.0.0.223

adobeflash_playerMatch15.0.0.238

adobeflash_playerMatch15.0.0.239

adobeflash_playerMatch15.0.0.246

adobeflash_playerMatch16.0.0.234

adobeflash_playerMatch16.0.0.235

AND

applemac_os_x

microsoftwindows

Node

adobeadobe_air_sdk_and_compilerRange≤15.0.0.356

Node

adobeadobe_air_sdkRange≤15.0.0.356

Node

adobeflash_playerMatch11.2.202.425

AND

linuxlinux_kernel

CPENameOperatorVersion
adobe:adobe_airadobe adobe airle15.0.0.356

CPE	Name	Operator	Version
adobe:adobe_air	adobe adobe air	le	15.0.0.356

References

helpx.adobe.com/security/products/flash-player/apsb15-01.html

secunia.com/advisories/62177

secunia.com/advisories/62187

secunia.com/advisories/62252

secunia.com/advisories/62371

secunia.com/advisories/62740

security.gentoo.org/glsa/glsa-201502-02.xml

www.securityfocus.com/bid/72039

www.securitytracker.com/id/1031525

exchange.xforce.ibmcloud.com/vulnerabilities/99989

7.4 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.032 Low

EPSS

Percentile

91.2%

JSON

Related for CVE-2015-0308

checkpoint_advisories1 ubuntucve1 nvd1 prion1 cvelist1 suse5 nessus15 securityvulns1 openvas9 kaspersky1 archlinux2 redhat1 freebsd1 mageia1 gentoo1