Lucene search

[email protected]CVE-2015-0325

HistoryFeb 06, 2015 - 12:59 a.m.

CVE-2015-0325

2015-02-0600:59:10

[email protected]

web.nvd.nist.gov

cve-2015-0325

adobe flash player

denial of service

null pointer dereference

security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

High

0.027 Low

EPSS

Percentile

90.5%

JSON

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-0326 and CVE-2015-0328.

Affected configurations

NVD

Node

adobeflash_playerRange≤11.2.202.440

AND

linuxlinux_kernelMatch-

Node

adobeflash_playerRange≤13.0.0.264

adobeflash_playerMatch14.0.0.125

adobeflash_playerMatch14.0.0.145

adobeflash_playerMatch14.0.0.176

adobeflash_playerMatch14.0.0.179

adobeflash_playerMatch15.0.0.152

adobeflash_playerMatch15.0.0.167

adobeflash_playerMatch15.0.0.189

adobeflash_playerMatch15.0.0.223

adobeflash_playerMatch15.0.0.239

adobeflash_playerMatch15.0.0.246

adobeflash_playerMatch16.0.0.235

adobeflash_playerMatch16.0.0.257

adobeflash_playerMatch16.0.0.287

adobeflash_playerMatch16.0.0.296

AND

applemac_os_xMatch-

microsoftwindowsMatch-

CPENameOperatorVersion
adobe:flash_playeradobe flash playerle11.2.202.440

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	le	11.2.202.440

References

lists.opensuse.org/opensuse-security-announce/2015-02/msg00006.html

lists.opensuse.org/opensuse-security-announce/2015-02/msg00007.html

lists.opensuse.org/opensuse-security-announce/2015-02/msg00008.html

lists.opensuse.org/opensuse-security-announce/2015-02/msg00009.html

rhn.redhat.com/errata/RHSA-2015-0140.html

secunia.com/advisories/62886

secunia.com/advisories/62895

security.gentoo.org/glsa/glsa-201502-02.xml

www.securityfocus.com/bid/72514

www.securitytracker.com/id/1031706

exchange.xforce.ibmcloud.com/vulnerabilities/100711

helpx.adobe.com/security/products/flash-player/apsb15-04.html

technet.microsoft.com/library/security/2755801

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.1 High

AI Score

Confidence

High

0.027 Low

EPSS

Percentile

90.5%

JSON

Related for CVE-2015-0325

cve2 ubuntucve3 prion3 cvelist3 nvd3 checkpoint_advisories3 archlinux1 nessus12 suse4 openvas7 altlinux1 redhat1 mageia1 gentoo1