Lucene search

K

[email protected]NVD:CVE-2015-0306

HistoryJan 13, 2015 - 11:59 p.m.

CVE-2015-0306

2015-01-1323:59:05

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.026 Low

EPSS

Percentile

90.4%

Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0303.

Affected configurations

NVD

Node

adobeflash_playerRange≤13.0.0.259

OR

adobeflash_playerMatch14.0.0.125

OR

adobeflash_playerMatch14.0.0.145

OR

adobeflash_playerMatch14.0.0.176

OR

adobeflash_playerMatch14.0.0.179

OR

adobeflash_playerMatch15.0.0.144

OR

adobeflash_playerMatch15.0.0.152

OR

adobeflash_playerMatch15.0.0.167

OR

adobeflash_playerMatch15.0.0.189

OR

adobeflash_playerMatch15.0.0.223

OR

adobeflash_playerMatch15.0.0.238

OR

adobeflash_playerMatch15.0.0.239

OR

adobeflash_playerMatch15.0.0.246

OR

adobeflash_playerMatch16.0.0.234

OR

adobeflash_playerMatch16.0.0.235

AND

applemac_os_x

OR

microsoftwindows

Node

adobeadobe_airRange≤15.0.0.356android

Node

adobeadobe_air_sdkRange≤15.0.0.356

Node

adobeflash_playerRange≤11.2.202.425

AND

linuxlinux_kernel

Node

adobeadobe_air_sdk_and_compilerRange≤15.0.0.356

Node

adobeadobe_airRange≤15.0.0.356

AND

applemac_os_x

OR

microsoftwindows

References

helpx.adobe.com/security/products/flash-player/apsb15-01.html

secunia.com/advisories/62177

secunia.com/advisories/62187

secunia.com/advisories/62252

secunia.com/advisories/62371

secunia.com/advisories/62740

security.gentoo.org/glsa/glsa-201502-02.xml

www.securityfocus.com/bid/72036

www.securitytracker.com/id/1031525

exchange.xforce.ibmcloud.com/vulnerabilities/99984

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.026 Low

EPSS

Percentile

90.4%

Related for NVD:CVE-2015-0306

prion2 ubuntucve2 cve2 nvd1 cvelist2 checkpoint_advisories2 threatpost1 nessus15 suse5 openvas9 securityvulns1 kaspersky1 freebsd1 mageia1 archlinux2 redhat1 gentoo1