Kaspersky LabKLA10547KLA10547 Multiple vulnerabilities in Adobe Flash Player
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.005 Low
EPSS
Percentile
76.5%
Detect date:
04/14/2015
Severity:
Critical
Description:
Memory corruption, buffer overflow, use-after-free, double free and memory leak vulnerabilities were found in Adobe Flash. By exploiting these vulnerabilities malicious users can bypass security restrictions, execute arbitrary code or obtain sensitive information. These vulnerabilities can be exploited remotely via an unknown vectors.
Affected products:
Adobe Flash Player for Linux versions earlier than 11.2.202.457
Adobe Flash Player versions earlier than 17.0.0.169
Adobe Flash Player Extended Support versions earlier than 13.0.0.281
Solution:
Update to the latest version
Get Flash Player
Original advisories:
Impacts:
ACE
Related products:
CVE-IDS:
Exploitation:
Public exploits exist for this vulnerability.
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0357
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3040
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3044
get2.adobe.com/flashplayer/
helpx.adobe.com/security/products/flash-player/apsb15-06.html
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Adobe-Flash-Player-ActiveX/
threats.kaspersky.com/en/product/Adobe-Flash-Player-NPAPI/
threats.kaspersky.com/en/product/Adobe-Flash-Player-PPAPI/
Related
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.005 Low
EPSS
Percentile
76.5%