Lucene search

K
nvd[email protected]NVD:CVE-2015-3128
HistoryJul 09, 2015 - 4:59 p.m.

CVE-2015-3128

2015-07-0916:59:15
web.nvd.nist.gov
7
adobe flash player
use-after-free
arbitrary code execution

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.91

Percentile

99.0%

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117.

Affected configurations

Nvd
Node
adobeairRange18.0.0.144
OR
adobeair_sdkRange18.0.0.144
OR
adobeair_sdk_\&_compilerRange18.0.0.144
Node
adobeflash_playerRange13.0.0.289
OR
adobeflash_playerMatch14.0.0.125
OR
adobeflash_playerMatch14.0.0.145
OR
adobeflash_playerMatch14.0.0.176
OR
adobeflash_playerMatch14.0.0.179
OR
adobeflash_playerMatch15.0.0.152
OR
adobeflash_playerMatch15.0.0.167
OR
adobeflash_playerMatch15.0.0.189
OR
adobeflash_playerMatch15.0.0.223
OR
adobeflash_playerMatch15.0.0.239
OR
adobeflash_playerMatch15.0.0.246
OR
adobeflash_playerMatch16.0.0.235
OR
adobeflash_playerMatch16.0.0.257
OR
adobeflash_playerMatch16.0.0.287
OR
adobeflash_playerMatch16.0.0.296
OR
adobeflash_playerMatch17.0.0.134
OR
adobeflash_playerMatch17.0.0.169
OR
adobeflash_playerMatch17.0.0.188
OR
adobeflash_playerMatch17.0.0.190
OR
adobeflash_playerMatch18.0.0.160
OR
adobeflash_playerMatch18.0.0.194
AND
applemac_os_xMatch-
OR
microsoftwindowsMatch-
Node
adobeflash_playerRange11.2.202.468
AND
linuxlinux_kernelMatch-
VendorProductVersionCPE
adobeair*cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*
adobeair_sdk*cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*
adobeair_sdk_\&_compiler*cpe:2.3:a:adobe:air_sdk_\&_compiler:*:*:*:*:*:*:*:*
adobeflash_player*cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
adobeflash_player14.0.0.125cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*
adobeflash_player14.0.0.145cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*
adobeflash_player14.0.0.176cpe:2.3:a:adobe:flash_player:14.0.0.176:*:*:*:*:*:*:*
adobeflash_player14.0.0.179cpe:2.3:a:adobe:flash_player:14.0.0.179:*:*:*:*:*:*:*
adobeflash_player15.0.0.152cpe:2.3:a:adobe:flash_player:15.0.0.152:*:*:*:*:*:*:*
adobeflash_player15.0.0.167cpe:2.3:a:adobe:flash_player:15.0.0.167:*:*:*:*:*:*:*
Rows per page:
1-10 of 271

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.91

Percentile

99.0%