Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2015-5576
HistorySep 22, 2015 - 10:59 a.m.

CVE-2015-5576

2015-09-2210:59:08
CWE-200
[email protected]
web.nvd.nist.gov
37
cve-2015-5576
adobe flash player
security vulnerability
aslr bypass
nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.071 Low

EPSS

Percentile

94.0%

JSON

Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors.

Affected configurations

NVD
Node
adobeairRange18.0.0.199
OR
adobeair_sdkRange18.0.0.199
OR
adobeair_sdk_\&_compilerRange18.0.0.180
AND
applemac_os_x
OR
microsoftwindows
Node
adobeflash_playerRange13.0.0.289
OR
adobeflash_playerMatch14.0.0.125
OR
adobeflash_playerMatch14.0.0.145
OR
adobeflash_playerMatch14.0.0.176
OR
adobeflash_playerMatch14.0.0.179
OR
adobeflash_playerMatch15.0.0.152
OR
adobeflash_playerMatch15.0.0.167
OR
adobeflash_playerMatch15.0.0.189
OR
adobeflash_playerMatch15.0.0.223
OR
adobeflash_playerMatch15.0.0.239
OR
adobeflash_playerMatch15.0.0.246
OR
adobeflash_playerMatch16.0.0.235
OR
adobeflash_playerMatch16.0.0.257
OR
adobeflash_playerMatch16.0.0.287
OR
adobeflash_playerMatch16.0.0.296
OR
adobeflash_playerMatch17.0.0.134
OR
adobeflash_playerMatch17.0.0.169
OR
adobeflash_playerMatch17.0.0.188
OR
adobeflash_playerMatch17.0.0.190
OR
adobeflash_playerMatch17.0.0.191
OR
adobeflash_playerMatch18.0.0.160
OR
adobeflash_playerMatch18.0.0.194
OR
adobeflash_playerMatch18.0.0.203
OR
adobeflash_playerMatch18.0.0.209
OR
adobeflash_playerMatch18.0.0.232
AND
applemac_os_x
OR
microsoftwindows
Node
adobeflash_playerRange11.2.202.508
AND
linuxlinux_kernel
Node
adobeairRange18.0.0.143
AND
googleandroid

Related

ubuntucve 1
nvd 1
cvelist 1
checkpoint_advisories 1
prion 1
thn 1
altlinux 2
nessus 17
kaspersky 2
openvas 8
archlinux 1
redhat 1
suse 4
freebsd 1
gentoo 1
mageia 1
ubuntucve
ubuntucve
CVE-2015-5576
2015-09-22 00:00:00
nvd
nvd
CVE-2015-5576
2015-09-22 10:59:08
cvelist
cvelist
CVE-2015-5576
2015-09-22 10:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Information Disclosure (APSB15-23: CVE-2015-5576)
2015-10-07 00:00:00
prion
prion
Design/Logic Flaw
2015-09-22 10:59:00
thn
thn
Adobe Releases 23 Security Updates for Flash Player
2015-09-22 20:58:00
altlinux
altlinux
Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt53
2015-09-25 00:00:00
Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt53
2015-09-25 00:00:00
nessus
nessus
RHEL 5 / 6 : flash-plugin (RHSA-2015:1814)
2015-09-23 00:00:00
Google Chrome < 45.0.2454.99 Multiple Vulnerabilities (Mac OS X)
2015-09-22 00:00:00
Adobe Flash Player <= 18.0.0.232 Multiple Vulnerabilities (APSB15-23)
2015-09-22 00:00:00
kaspersky
kaspersky
KLA10671 Flash Player update for Google Chrome
2015-09-21 00:00:00
KLA10670 Multiple vulnerabilities in Adobe products
2015-09-21 00:00:00
openvas
openvas
SUSE: Security Advisory for flash-player (SUSE-SU-2015:1618-1)
2015-10-16 00:00:00
Mageia: Security Advisory (MGASA-2015-0379)
2015-10-15 00:00:00
Adobe Air Multiple Vulnerabilities (Sep 2015) - Windows
2015-09-24 00:00:00
archlinux
archlinux
flashplugin: multiple issues
2015-09-22 00:00:00
redhat
redhat
(RHSA-2015:1814) Critical: flash-plugin security update
2015-09-22 00:00:00
suse
suse
Security update for flash-player (important)
2015-09-23 16:07:42
Security update for flash-player (important)
2015-09-23 16:08:55
Security update for flash-player (critical)
2015-09-23 16:08:18
freebsd
freebsd
flash -- multiple vulnerabilities
2015-09-21 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2015-09-25 00:00:00
mageia
mageia
Updated flash-player-plugin packages fix security vulnerabilities
2015-09-22 00:07:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.071 Low

EPSS

Percentile

94.0%

JSON
Related for CVE-2015-5576
ubuntucve1nvd1cvelist1checkpoint_advisories1prion1thn1altlinux2nessus17kaspersky2openvas8archlinux1redhat1suse4freebsd1gentoo1mageia1