Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0308

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2015-0308
Last Modified 13 Feb 2015 09:59:56
Published 13 Jan 2015 06:59:06
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-0308

Summary

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors.

Vulnerable Systems

Application

  • Adobe Air 15.0.0.356

  • Adobe Air Sdk 15.0.0.356

  • Adobe Air Sdk And Compiler 15.0.0.356

  • Adobe Flash Player 11.2.202.425

  • Adobe Flash Player 13.0.0.259

  • Adobe Flash Player 14.0.0.125

  • Adobe Flash Player 14.0.0.145

  • Adobe Flash Player 14.0.0.176

  • Adobe Flash Player 14.0.0.179

  • Adobe Flash Player 15.0.0.144

  • Adobe Flash Player 15.0.0.152

  • Adobe Flash Player 15.0.0.167

  • Adobe Flash Player 15.0.0.189

  • Adobe Flash Player 15.0.0.223

  • Adobe Flash Player 15.0.0.238

  • Adobe Flash Player 15.0.0.239

  • Adobe Flash Player 15.0.0.246

  • Adobe Flash Player 16.0.0.234

  • Adobe Flash Player 16.0.0.235


References

CONFIRM - http://helpx.adobe.com/security/products/flash-player/apsb15-01.html

SECUNIA - 62371

SECUNIA - 62252

SECUNIA - 62740

GENTOO - GLSA-201502-02

Related Patches

APSB15-01 Adobe Flash Player 13.0.0.260 ESR for Mac OS X (See Notes)

APSB15-01 Adobe Flash Player 16.0.0.257 for Mac OS X (See Notes)

APSB15-01 Adobe AIR 16.0.0.245 for Mac OS X


Last Updated: 27 May 2016 11:07:33