Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10576
HistoryMay 12, 2015 - 12:00 a.m.

KLA10576 Flash Player update for Google Chrome

2015-05-1200:00:00
Kaspersky Lab
threats.kaspersky.com
32

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.1 Low

EPSS

Percentile

94.8%

JSON

Detect date:

05/12/2015

Severity:

Critical

Description:

Google Chrome was updated to address vulnerabilities in Flash Player. For details look at KLA10574.

Affected products:

Google Chrome versions earlier than 42.0.2311.152

Solution:

Update to the latest version. File with name old_chrome can be still detected after update. It caused by Google Chrome update policy which does not remove old versions when installing updates. Try to contact vendor for further delete instructions or ignore such kind of alerts at your own risk.
Get Google Chrome

Original advisories:

Google blog record

Impacts:

ACE

Related products:

Google Chrome

CVE-IDS:

CVE-2015-30445.0Critical
CVE-2015-30915.0Critical
CVE-2015-30795.0Critical
CVE-2015-30814.3Warning
CVE-2015-30925.0Critical
CVE-2015-30856.4High
CVE-2015-30836.4High
CVE-2015-30826.4High

Exploitation:

Public exploits exist for this vulnerability.

Related

kaspersky 1
prion 8
ubuntucve 8
cve 8
checkpoint_advisories 7
suse 7
nessus 28
altlinux 4
openvas 15
mageia 2
securityvulns 1
freebsd 2
gentoo 2
hackerone 2
redhat 2
zdt 3
zdi 1
archlinux 1
kaspersky
kaspersky
KLA10574 Multiple vulnerabilities in Adobe Flash Player
2015-05-12 00:00:00
prion
prion
Design/Logic Flaw
2015-05-13 11:00:00
Design/Logic Flaw
2015-05-13 11:00:00
Design/Logic Flaw
2015-05-13 11:00:00
ubuntucve
ubuntucve
CVE-2015-3085
2015-05-13 00:00:00
CVE-2015-3082
2015-05-13 00:00:00
CVE-2015-3083
2015-05-13 00:00:00
cve
cve
CVE-2015-3083
2015-05-13 11:00:00
CVE-2015-3085
2015-05-13 11:00:00
CVE-2015-3082
2015-05-13 11:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Validation Bypass (APSB15-09: CVE-2015-3085; CVE-2015-3082)
2015-06-02 00:00:00
Adobe Flash Player Memory Leak (APSB15-09: CVE-2015-3091)
2015-06-09 00:00:00
Adobe Flash Player Validation Bypass (APSB15-09: CVE-2015-3083)
2015-06-02 00:00:00
suse
suse
Security update for flash-player (important)
2015-05-19 17:04:53
Security update for flash-player (important)
2015-05-16 00:05:04
Security update for flash-player (important)
2015-05-14 20:04:55
nessus
nessus
Adobe Flash Player <= 17.0.0.169 Multiple Vulnerabilities (APSB15-09) (Mac OS X)
2015-05-12 00:00:00
Adobe Flash Player <= 17.0.0.169 Multiple Vulnerabilities (APSB15-09)
2015-05-12 00:00:00
Adobe AIR <= 17.0.0.144 Multiple Vulnerabilities (APSB15-09)
2015-06-12 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt44
2015-05-15 00:00:00
Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt44
2015-05-15 00:00:00
Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt43
2015-04-15 00:00:00
openvas
openvas
SUSE: Security Advisory for flash-player (SUSE-SU-2015:0878-1)
2015-10-16 00:00:00
Mageia: Security Advisory (MGASA-2015-0218)
2022-01-28 00:00:00
Gentoo Security Advisory GLSA 201505-02
2015-09-29 00:00:00
mageia
mageia
Updated flash-player-plugin packages fix security vulnerabilities
2015-05-12 22:37:48
Updated flash-player-plugin packages fix security vulnerabilities
2015-04-15 12:01:28
securityvulns
securityvulns
Adobe Flash Player multiple security vulnerabilities
2015-05-13 00:00:00
freebsd
freebsd
Adobe Flash Player -- critical vulnerabilities
2015-05-12 00:00:00
Adobe Flash Player -- critical vulnerabilities
2015-04-14 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2015-05-31 00:00:00
Adobe Flash Player: Multiple vulnerabilities
2015-04-17 00:00:00
hackerone
hackerone
Internet Bug Bounty: Internet-based attacker can run Flash apps in local sandboxes by using special URL schemes (PSIRT-3299, CVE-2015-3079)
2015-06-30 14:33:56
Internet Bug Bounty: Flash Player information disclosure (etc.) CVE-2015-3044, PSIRT-3298
2015-05-21 19:39:15
redhat
redhat
(RHSA-2015:1005) Critical: flash-plugin security update
2015-05-13 00:00:00
(RHSA-2015:0813) Critical: flash-plugin security update
2015-04-15 00:00:00
zdt
zdt
Flash Broker-Based Sandbox Escape via Forward Slash Instead of Backslash Exploit
2015-08-19 00:00:00
Flash Broker-Based Sandbox Escape via Unexpected Directory Lock Exploit
2015-08-19 00:00:00
Flash Broker-Based Sandbox Escape via Timing Attack Against File Moving Exploit
2015-08-19 00:00:00
zdi
zdi
(Pwn2Own) Adobe Flash Player BrokerCreateFile Broker Method Path Traversal Sandbox Escape Vulnerability
2015-05-12 00:00:00
archlinux
archlinux
flashplugin: multiple issues
2015-04-17 00:00:00

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.1 Low

EPSS

Percentile

94.8%

JSON
Related for KLA10576
kaspersky1prion8ubuntucve8cve8checkpoint_advisories7suse7nessus28altlinux4openvas15mageia2securityvulns1freebsd2gentoo2hackerone2redhat2zdt3zdi1archlinux1