Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseSUSE-SU-2015:0239-1
HistoryFeb 07, 2015 - 7:07 p.m.

Security update for flash-player, flash-player-gnome, flash-player-kde4 (critical)

2015-02-0719:07:55
lists.opensuse.org
13

0.975 High

EPSS

Percentile

100.0%

JSON

flash-player was updated to version 11.2.202.442 to fix 18 security issues.

These security issues were fixed: - Use-after-free vulnerabilities that
could lead to code execution (CVE-2015-0313, CVE-2015-0315, CVE-2015-0320,
CVE-2015-0322). - Memory corruption vulnerabilities that could lead to
code execution (CVE-2015-0314, CVE-2015-0316, CVE-2015-0318,
CVE-2015-0321, CVE-2015-0329, CVE-2015-0330). - Type confusion
vulnerabilities that could lead to code execution (CVE-2015-0317,
CVE-2015-0319). - Heap buffer
overflow vulnerabilities that could lead to code execution (CVE-2015-0323,
CVE-2015-0327). - Buffer overflow vulnerability that could lead to code
execution (CVE-2015-0324). - Null pointer dereference issues
(CVE-2015-0325, CVE-2015-0326, CVE-2015-0328).

More information is available at
<a href=β€œhttps://helpx.adobe.com/security/products/flash-player/apsb15-04.html”>https://helpx.adobe.com/security/products/flash-player/apsb15-04.html</a>

Security Issues:

   * CVE-2015-0313
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0313">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0313</a>&gt;
   * CVE-2015-0314
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0314">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0314</a>&gt;
   * CVE-2015-0315
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0315">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0315</a>&gt;
   * CVE-2015-0316
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0316">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0316</a>&gt;
   * CVE-2015-0317
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0317">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0317</a>&gt;
   * CVE-2015-0318
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0318">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0318</a>&gt;
   * CVE-2015-0319
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0319">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0319</a>&gt;
   * CVE-2015-0320
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0320">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0320</a>&gt;
   * CVE-2015-0321
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0321">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0321</a>&gt;
   * CVE-2015-0322
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0322">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0322</a>&gt;
   * CVE-2015-0323
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0323">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0323</a>&gt;
   * CVE-2015-0324
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0324">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0324</a>&gt;
   * CVE-2015-0325
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0325">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0325</a>&gt;
   * CVE-2015-0326
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0326">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0326</a>&gt;
   * CVE-2015-0327
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0327">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0327</a>&gt;
   * CVE-2015-0328
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0328">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0328</a>&gt;
   * CVE-2015-0329
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0329">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0329</a>&gt;
   * CVE-2015-0330
     &lt;<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0330">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0330</a>&gt;

Contraindications:

Related

suse 3
mageia 1
altlinux 1
nessus 13
archlinux 1
openvas 7
redhat 1
prion 19
cve 19
ubuntucve 19
attackerkb 3
gentoo 1
checkpoint_advisories 19
canvas 1
threatpost 5
symantec 1
zdt 2
cisa_kev 1
hackerone 3
zdi 1
packetstorm 2
exploitpack 1
metasploit 2
googleprojectzero 6
exploitdb 3
thn 2
suse
suse
update for flash-player (critical)
2015-02-07 14:04:53
Security update for flash-player (critical)
2015-02-07 10:05:06
Security update for flash-player (critical)
2015-02-07 10:04:51
mageia
mageia
Updated flash-player-plugin packages fix security vulnerabilities
2015-02-06 19:51:41
altlinux
altlinux
Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt41
2015-02-06 00:00:00
nessus
nessus
openSUSE Security Update : flash-player (openSUSE-2015-118)
2015-02-09 00:00:00
SuSE 11.3 Security Update : flash-player, flash-player-gnome, flash-player-kde4 (SAT Patch Number 10287)
2015-02-09 00:00:00
Flash Player For Mac <= 16.0.0.296 Unspecified Code Execution (APSA15-02 / APSB15-04)
2015-02-02 00:00:00
archlinux
archlinux
flashplugin: remote code execution
2015-02-06 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0054)
2022-01-28 00:00:00
SUSE: Security Advisory for flash-player (SUSE-SU-2015:0239-1)
2015-10-16 00:00:00
SUSE: Security Advisory for flash-player (SUSE-SU-2015:0236-1)
2015-10-16 00:00:00
redhat
redhat
(RHSA-2015:0140) Critical: flash-plugin security update
2015-02-06 00:00:00
prion
prion
Memory corruption
2015-02-06 00:59:00
Memory corruption
2015-02-06 00:59:00
Memory corruption
2015-02-06 00:59:00
cve
cve
CVE-2015-0314
2015-02-06 00:59:00
CVE-2015-0329
2015-02-06 00:59:00
CVE-2015-0316
2015-02-06 00:59:00
ubuntucve
ubuntucve
CVE-2015-0329
2015-02-06 00:00:00
CVE-2015-0318
2015-02-06 00:00:00
CVE-2015-0316
2015-02-06 00:00:00
attackerkb
attackerkb
CVE-2015-0313
2015-02-02 00:00:00
CVE-2015-0322
2015-02-06 00:00:00
CVE-2015-0320
2015-02-06 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2015-02-06 00:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Heap Buffer Overflow (APSB15-04: CVE-2015-0327)
2015-02-24 00:00:00
Adobe Flash Player Null Pointer Dereference (APSB15-04: CVE-2015-0328)
2015-02-25 00:00:00
Adobe Flash Player Buffer Overflow (APSB15-04: CVE-2015-0324)
2015-02-24 00:00:00
canvas
canvas
Immunity Canvas: ADOBE_FLASH_DOMAINMEMORY_UAF
2015-02-02 19:59:00
threatpost
threatpost
Adobe Begins Patching Third Flash Player Zero Day
2015-02-04 16:44:42
Another Flash Zero Day Emerges
2015-02-02 08:51:33
Angler Exploit Kit, Bedep Malware Inflating Video Views
2015-05-05 08:00:41
symantec
symantec
Adobe Flash Player CVE-2015-0313 Remote Code Execution Vulnerability
2015-02-02 00:00:00
zdt
zdt
Adobe Flash Player ByteArray With Workers Use After Free Exploit
2015-04-02 00:00:00
Adobe Flash Player PCRE Regex Logic Error Exploit
2015-03-20 00:00:00
cisa_kev
cisa_kev
Adobe Flash Player Use-After-Free Vulnerability
2022-04-13 00:00:00
hackerone
hackerone
Internet Bug Bounty: Use after free during the StageVideoAvailabilityEvent can result in arbitrary code execution
2015-02-09 18:44:09
Internet Bug Bounty: Use After Free in Flash MessageChannel.send can cause arbitrary code execution
2015-02-09 18:50:52
Internet Bug Bounty: Adobe Flash Player Out-of-Bound Access Vulnerability
2015-02-07 14:50:18
zdi
zdi
Adobe Flash Player BitmapFilter Invalid Object Corruption Remote Code Execution Vulnerability
2015-02-10 00:00:00
packetstorm
packetstorm
Adobe Flash Player ByteArray With Workers Use After Free
2015-03-30 00:00:00
Adobe Flash Player PCRE Regex Logic Error
2015-03-18 00:00:00
exploitpack
exploitpack
Adobe Flash Player - Arbitrary Code Execution
2015-03-25 00:00:00
metasploit
metasploit
Adobe Flash Player ByteArray With Workers Use After Free
2015-03-27 23:51:13
Adobe Flash Player PCRE Regex Vulnerability
2015-03-11 14:58:41
googleprojectzero
googleprojectzero
Taming the wild copy: Parallel Thread Corruption
2015-03-19 00:00:00
Feedback and data-driven updates to Google’s disclosure policy
2015-02-13 00:00:00
A Token’s Tale
2015-02-09 00:00:00
exploitdb
exploitdb
Adobe Flash Player - ByteArray With Workers Use-After-Free (Metasploit)
2015-03-31 00:00:00
Adobe Flash Player - Arbitrary Code Execution
2015-03-25 00:00:00
Adobe Flash Player - PCRE Regex (Metasploit)
2015-03-17 00:00:00
thn
thn
Another Unpatched Adobe Flash Zero-Day vulnerability Exploited in the Wild
2015-02-02 06:29:00
Researchers Share New Insights Into RIG Exploit Kit Malware's Operations
2023-02-27 15:33:00

0.975 High

EPSS

Percentile

100.0%

JSON
Related for SUSE-SU-2015:0239-1
suse3mageia1altlinux1nessus13archlinux1openvas7redhat1prion19cve19ubuntucve19attackerkb3gentoo1checkpoint_advisories19canvas1threatpost5symantec1zdt2cisa_kev1hackerone3zdi1packetstorm2exploitpack1metasploit2googleprojectzero6exploitdb3thn2