Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » APSB15-01

Overview

Id APSB15-01
Name APSB15-01 Adobe Flash Player 16.0.0.257 for Mac OS X (See Notes)
Vendor Name adobe
Product Adobe Flash Player
Content Type Critical Critical
Language(s)
Operating System(s) OSX 
Released On 13 Jan 2015 12:00:00

APSB15-01

APSB15-01 Adobe Flash Player 16.0.0.257 for Mac OS X (See Notes)

Vendor Name

adobe

Product

Adobe Flash Player

Released On

13 Jan 2015 12:00:00

Url

http://helpx.adobe.com/security/products/flash-player/apsb15-01.html

Description

Adobe Flash Player Plugin is used to run content created on the Adobe Flash platform within a Netscape-compatible web browser.

Flash Player 16.0.0.257 addresses the following security issues:

  • CVE-2015-0301: Resolves an improper file validation issue
  • CVE-2015-0302: Resolves an information disclosure vulnerability that could be exploited to capture keystrokes on the affected system
  • CVE-2015-0303, CVE-2015-0306: Resolve memory corruption vulnerabilities that could lead to code execution
  • CVE-2015-0304, CVE-2015-0309: Resolve heap-based buffer overflow vulnerabilities that could lead to code execution
  • CVE-2015-0305: Resolves a type confusion vulnerability that could lead to code execution
  • CVE-2015-0307: Resolves an out-of-bounds read vulnerability that could be exploited to leak memory addresses
  • CVE-2015-0308: Resolves a use-after-free vulnerability that could lead to code execution

  • Notes:
  • This update is applicable to Flash Player 16.0.x, 15.0.x, 14.0.x, 13.0.x version 13.0.0.214 and lower, 12.0.x, 11.9.x, 11.8.x, and 11.7.x version 11.7.700.224 and lower. It is not applicable to Flash Player 11.7.x extended support version 11.7.700.232 and higher, or 13.0.x extended support version 13.0.0.223 and higher
  • By default, deployment will automatically update Adobe Flash Player
  • Use the download only option to deploy the installer to the agent's temporary directory (by default, "/tmp/{Agent GUID}"). An administrator may then manually install the update
  • Related Resources

    Related Vulnerabilities

    CVE-2015-0301   CVE-2015-0302   CVE-2015-0303   CVE-2015-0304   CVE-2015-0305   CVE-2015-0306   CVE-2015-0307   CVE-2015-0308   CVE-2015-0309  

    Related Patches

    Superseded Patches


    Last Updated: 27 May 2016 11:20:31