Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiBilouZDI-15-087
HistoryMar 12, 2015 - 12:00 a.m.

Adobe Flash Player AVSS Load Use-After-Free Remote Code Execution Vulnerability

2015-03-1200:00:00
bilou
www.zerodayinitiative.com
18

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.03 Low

EPSS

Percentile

90.8%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AVSS objects. By calling Load multiple times an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process.

Related

checkpoint_advisories 1
zdt 1
prion 2
ubuntucve 2
cve 2
thn 1
nessus 14
openvas 7
mageia 1
redhat 1
altlinux 2
archlinux 1
suse 4
freebsd 1
gentoo 1
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Use After Free Remote Code Execution (APSB15-05: CVE-2015-0341)
2015-03-24 00:00:00
zdt
zdt
Adobe Flash Player AVSS Load Use-After-Free Remote Code Execution Vulnerability
2015-03-16 00:00:00
prion
prion
Design/Logic Flaw
2015-03-13 17:59:00
Design/Logic Flaw
2015-03-13 17:59:00
ubuntucve
ubuntucve
CVE-2015-0342
2015-03-13 00:00:00
CVE-2015-0341
2015-03-13 00:00:00
cve
cve
CVE-2015-0342
2015-03-13 17:59:00
CVE-2015-0341
2015-03-13 17:59:00
thn
thn
Adobe Flash Player Update Patches 11 Critical Vulnerabilities
2015-03-12 21:28:00
nessus
nessus
MS KB3044132: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
2015-03-13 00:00:00
Adobe AIR for Mac <= 17.0.0.124 Multiple Vulnerabilities (APSB15-05)
2015-06-12 00:00:00
FreeBSD : Adobe Flash Player -- critical vulnerabilities (8b3ecff5-c9b2-11e4-b71f-00bd5af88c00)
2015-03-17 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201503-09
2015-09-29 00:00:00
Adobe Flash Player Multiple Vulnerabilities - 01 (Mar 2015) - Windows
2015-03-20 00:00:00
Mageia: Security Advisory (MGASA-2015-0109)
2022-01-28 00:00:00
mageia
mageia
Updated flash-player-plugin package fixes security vulnerabilities
2015-03-14 21:44:24
redhat
redhat
(RHSA-2015:0697) Critical: flash-plugin security update
2015-03-17 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt42
2015-03-13 00:00:00
Security fix for the ALT Linux 7 package adobe-flash-player version 3:11-alt42
2015-03-13 00:00:00
archlinux
archlinux
flashplugin: multiple issues
2015-03-16 00:00:00
suse
suse
flashplayer to version 11.2.202.451 (important)
2015-03-14 11:04:48
Security update for flash-player (critical)
2015-03-13 12:04:50
Security update for flash-player (critical)
2015-03-13 12:05:10
freebsd
freebsd
Adobe Flash Player -- critical vulnerabilities
2015-03-12 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2015-03-16 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.03 Low

EPSS

Percentile

90.8%

JSON
Related for ZDI-15-087
checkpoint_advisories1zdt1prion2ubuntucve2cve2thn1nessus14openvas7mageia1redhat1altlinux2archlinux1suse4freebsd1gentoo1