10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.968 High
EPSS
Percentile
99.7%
Adobe reports:
Adobe has released security updates for Adobe Flash Player for
Windows, Macintosh and Linux. These updates address vulnerabilities
that could potentially allow an attacker to take control of the
affected system.
These updates resolve memory corruption vulnerabilities that could
lead to code execution (CVE-2015-0332, CVE-2015-0333, CVE-2015-0335,
CVE-2015-0339).
These updates resolve type confusion vulnerabilities that could lead
to code execution (CVE-2015-0334, CVE-2015-0336).
These updates resolve a vulnerability that could lead to a
cross-domain policy bypass (CVE-2015-0337).
These updates resolve a vulnerability that could lead to a file
upload restriction bypass (CVE-2015-0340).
These updates resolve an integer overflow vulnerability that could
lead to code execution (CVE-2015-0338).
These updates resolve use-after-free vulnerabilities that could lead
to code execution (CVE-2015-0341, CVE-2015-0342).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | linux-c6-flashplugin | <= 11.2r202.442 | UNKNOWN |
FreeBSD | any | noarch | linux-f10-flashplugin | <= 11.2r202.442 | UNKNOWN |