Lucene search

[email protected]CVE-2015-3126

HistoryJul 09, 2015 - 4:59 p.m.

CVE-2015-3126

2015-07-0916:59:13

[email protected]

web.nvd.nist.gov

cve-2015-3126

adobe flash player

adobe air

denial of service

null pointer dereference

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.7%

JSON

Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2015-4429.

Affected configurations

NVD

Node

adobeflash_playerRange≤11.2.202.468

AND

linuxlinux_kernelMatch-

Node

adobeflash_playerRange≤13.0.0.289

adobeflash_playerMatch14.0.0.125

adobeflash_playerMatch14.0.0.145

adobeflash_playerMatch14.0.0.176

adobeflash_playerMatch14.0.0.179

adobeflash_playerMatch15.0.0.152

adobeflash_playerMatch15.0.0.167

adobeflash_playerMatch15.0.0.189

adobeflash_playerMatch15.0.0.223

adobeflash_playerMatch15.0.0.239

adobeflash_playerMatch15.0.0.246

adobeflash_playerMatch16.0.0.235

adobeflash_playerMatch16.0.0.257

adobeflash_playerMatch16.0.0.287

adobeflash_playerMatch16.0.0.296

adobeflash_playerMatch17.0.0.134

adobeflash_playerMatch17.0.0.169

adobeflash_playerMatch17.0.0.188

adobeflash_playerMatch17.0.0.190

adobeflash_playerMatch18.0.0.160

adobeflash_playerMatch18.0.0.194

AND

applemac_os_xMatch-

microsoftwindowsMatch-

Node

adobeairRange≤18.0.0.144

adobeair_sdkRange≤18.0.0.144

adobeair_sdk_\&_compilerRange≤18.0.0.144

CPENameOperatorVersion
adobe:flash_playeradobe flash playerle11.2.202.468

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	le	11.2.202.468

References

lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html

lists.opensuse.org/opensuse-security-announce/2015-07/msg00018.html

rhn.redhat.com/errata/RHSA-2015-1214.html

www.securityfocus.com/bid/75596

www.securitytracker.com/id/1032810

helpx.adobe.com/security/products/flash-player/apsb15-16.html

security.gentoo.org/glsa/201507-13

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.7%

JSON

Related for CVE-2015-3126

ubuntucve2 prion2 cve1 nvd2 cvelist2 checkpoint_advisories2 openvas8 suse2 altlinux2 nessus15 gentoo1 kaspersky1 securityvulns1 redhat1 mageia1