Lucene search

K

Kaspersky LabKLA10623

HistoryJul 08, 2015 - 12:00 a.m.

KLA10623 Multiple vulnerabilities in Adobe products

2015-07-0800:00:00

Kaspersky Lab

threats.kaspersky.com

158

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.23 Low

EPSS

Percentile

96.5%

Detect date:

07/08/2015

Severity:

Critical

Description:

Multiple critical vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code or obtain sensitive information.

Affected products:

Adobe Flash Player versions earlier than 18.0.0.203
Adobe Flash Player ESR versions earlier than 13.0.0.302
Adobe Flash Player for Linux versions earlier than 11.2.202.481
Adobe AIR 18.0.0.180

Solution:

Update to the latest version
Get Adobe Flash Player
Get Adobe AIR

Original advisories:

Impacts:

ACE

Related products:

Adobe Flash Player ActiveX

CVE-IDS:

CVE-2015-30975.0Critical
CVE-2015-51165.0Critical
CVE-2015-31155.0Critical
CVE-2015-31165.0Critical
CVE-2015-31145.0Critical
CVE-2014-05785.0Critical
CVE-2015-31255.0Critical
CVE-2015-31267.5Critical

Exploitation:

Public exploits exist for this vulnerability.

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0578

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3097

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3114

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3115

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3116

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3125

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3126

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5116

get.adobe.com/air/

get.adobe.com/flashplayer/

helpx.adobe.com/security/products/flash-player/apsb15-16.html

statistics.securelist.com/vulnerability-scan/month

threats.kaspersky.com/en/class/Exploit/

threats.kaspersky.com/en/product/Adobe-AIR/

threats.kaspersky.com/en/product/Adobe-Flash-Player-ActiveX/

threats.kaspersky.com/en/product/Adobe-Flash-Player-NPAPI/

threats.kaspersky.com/en/product/Adobe-Flash-Player-PPAPI/

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.23 Low

EPSS

Percentile

96.5%

Related for KLA10623

prion9 cve9 ubuntucve9 checkpoint_advisories5 openvas11 zdi1 hackerone1 nessus25 altlinux4 securityvulns1 suse2 redhat1 mageia1 gentoo2 symantec1 kaspersky2 freebsd1