CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
97.6%
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.
Vendor | Product | Version | CPE |
---|---|---|---|
adobe | flash_player | * | cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:* |
apple | mac_os_x | - | cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:* |
microsoft | windows | - | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
linux | linux_kernel | - | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
opensuse | evergreen | 11.4 | cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:* |
opensuse | opensuse | 13.1 | cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* |
opensuse | opensuse | 13.2 | cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:* |
suse | linux_enterprise_desktop | 12 | cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:* |
suse | linux_enterprise_workstation_extension | 12 | cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:* |
hp | insight_orchestration | * | cpe:2.3:a:hp:insight_orchestration:*:*:*:*:*:*:*:* |
lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html
lists.opensuse.org/opensuse-security-announce/2015-06/msg00025.html
lists.opensuse.org/opensuse-security-announce/2015-07/msg00002.html
marc.info/?l=bugtraq&m=144050155601375&w=2
rhn.redhat.com/errata/RHSA-2015-1184.html
www.securityfocus.com/bid/75371
www.securitytracker.com/id/1032696
bugzilla.redhat.com/show_bug.cgi?id=1235036
bugzilla.suse.com/show_bug.cgi?id=935701
h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467
helpx.adobe.com/security/products/flash-player/apsb15-14.html
security.gentoo.org/glsa/201507-13
www.suse.com/security/cve/CVE-2015-3113.html
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
97.6%