A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information or bypass security restrictions.

Workaround

There is no known workaround at this time.

Resolution

All Adobe Flash Player users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose
 "&gt;=www-plugins/adobe-flash-11.2.202.442"

OSVersionArchitecturePackageVersionFilename
Gentooanyallwww-plugins/adobe-flash< 11.2.202.442UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Gentoo	any	all	www-plugins/adobe-flash	< 11.2.202.442	UNKNOWN

nessus 33

openvas 20

suse 13

mageia 2

altlinux 1

redhat 3

archlinux 3

securityvulns 1

freebsd 2

prion 28

cve 27

ubuntucve 27

attackerkb 4

checkpoint_advisories 20

thn 2

threatpost 4

cisa_kev 2

hackerone 2

symantec 1

zdi 2

kaspersky 1

seebug 1

nessus

GLSA-201502-02 : Adobe Flash Player: Multiple vulnerabilities

2015-02-09 00:00:00

SuSE 11.3 Security Update : flash-player, flash-player-gnome, flash-player-kde4 (SAT Patch Number 10287)

2015-02-09 00:00:00

RHEL 5 / 6 : flash-plugin (RHSA-2015:0140)

2015-02-09 00:00:00

openvas

Gentoo Security Advisory GLSA 201502-02

2015-09-29 00:00:00

SUSE: Security Advisory for flash-player (SUSE-SU-2015:0239-1)

2015-10-16 00:00:00

SUSE: Security Advisory for flash-player (SUSE-SU-2015:0236-1)

2015-10-16 00:00:00

suse

update for flash-player (critical)

2015-02-07 14:04:53

Security update for flash-player, flash-player-gnome, flash-player-kde4 (critical)

2015-02-07 19:07:55

Security update for flash-player (critical)

2015-02-07 10:04:51

mageia

Updated flash-player-plugin packages fix security vulnerabilities

2015-02-06 19:51:41

Updated flash-player-plugin packages fix security vulnerabilities

2015-01-15 00:55:48

altlinux

Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt41

2015-02-06 00:00:00

redhat

(RHSA-2015:0140) Critical: flash-plugin security update

2015-02-06 00:00:00

(RHSA-2015:0052) Critical: flash-plugin security update

2015-01-14 00:00:00

(RHSA-2015:0094) Critical: flash-plugin security update

2015-01-27 00:00:00

archlinux

flashplugin: remote code execution

2015-02-06 00:00:00

flashplugin: multiple issues

2014-01-15 00:00:00

flashplugin: multiple issues

2015-01-23 00:00:00

securityvulns

Adobe Flash Player multiple security vulnerabilities

2015-01-19 00:00:00

freebsd

Adobe Flash Player -- multiple vulnerabilities

2015-01-13 00:00:00

Adobe Flash Player -- critical vulnerability

2015-01-22 00:00:00

prion

Memory corruption

2015-02-06 00:59:00

Memory corruption

2015-02-06 00:59:00

Memory corruption

2015-02-06 00:59:00

cve

CVE-2015-0314

2015-02-06 00:59:00

CVE-2015-0321

2015-02-06 00:59:00

CVE-2015-0330

2015-02-06 00:59:00

ubuntucve

CVE-2015-0318

2015-02-06 00:00:00

CVE-2015-0316

2015-02-06 00:00:00

CVE-2015-0321

2015-02-06 00:00:00

attackerkb

CVE-2015-0322

2015-02-06 00:00:00

CVE-2015-0313

2015-02-02 00:00:00

CVE-2015-0320

2015-02-06 00:00:00

checkpoint_advisories

Adobe Flash Player Memory Corruption (APSB15-03: CVE-2015-0310: CVE-2015-0311)

2015-01-28 00:00:00

Adobe Flash Player Action Script Evasion (CVE-2015-0310; CVE-2015-0311)

2015-01-26 00:00:00

Adobe Flash Player Heap Buffer Overflow (APSB15-04: CVE-2015-0327)

2015-02-24 00:00:00

thn

Adobe patches 2nd Flash Player Zero-day Vulnerability

2015-01-25 08:11:00

Another Unpatched Adobe Flash Zero-Day vulnerability Exploited in the Wild

2015-02-02 06:29:00

threatpost

Adobe Patches One Zero Day in Flash, Still Investigating Separate Vulnerability

2015-01-22 11:43:46

January 2015 Adobe Flash Player Security Update

2015-01-13 13:45:04

Control Flow Guard Mitigation Bypass

2015-09-22 15:00:11

cisa_kev

Adobe Flash Player ASLR Bypass Vulnerability

2022-05-25 00:00:00

Adobe Flash Player Remote Code Execution Vulnerability

2022-04-13 00:00:00

hackerone

Internet Bug Bounty: Use After Free in Flash MessageChannel.send can cause arbitrary code execution

2015-02-09 18:50:52

Internet Bug Bounty: Use after free during the StageVideoAvailabilityEvent can result in arbitrary code execution

2015-02-09 18:44:09

symantec

Adobe Flash Player CVE-2015-0310 Unspecified Memory Corruption Vulnerability

2015-01-22 00:00:00

zdi

Adobe Flash Player BitmapFilter Invalid Object Corruption Remote Code Execution Vulnerability

2015-02-10 00:00:00

Adobe Flash Player AVSegmentedSource::getABRProfileInfoAtIndex Out-Of-Bounds Read Information Disclosure Vulnerability

2015-01-21 00:00:00

kaspersky

KLA10439 Multiple vulnerabilities in Adobe products

2015-01-13 00:00:00

seebug

Adobe Flash Player Convolution Filter UAF 命令执行

2015-07-08 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

JSON

Related for GLSA-201502-02