Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0311

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2015-0311
Last Modified 13 Feb 2015 10:00:01
Published 23 Jan 2015 04:59:04
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-0311

Summary

Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and OS X and through 11.2.202.438 on Linux allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015.

Vulnerable Systems

Application

  • Adobe Flash Player 11.2.202.438

  • Adobe Flash Player 13.0.0.262

  • Adobe Flash Player 14.0.0.125

  • Adobe Flash Player 14.0.0.145

  • Adobe Flash Player 14.0.0.176

  • Adobe Flash Player 14.0.0.179

  • Adobe Flash Player 15.0.0.152

  • Adobe Flash Player 15.0.0.167

  • Adobe Flash Player 15.0.0.189

  • Adobe Flash Player 15.0.0.223

  • Adobe Flash Player 15.0.0.239

  • Adobe Flash Player 15.0.0.246

  • Adobe Flash Player 16.0.0.235

  • Adobe Flash Player 16.0.0.257

  • Adobe Flash Player 16.0.0.287


References

CONFIRM - http://helpx.adobe.com/security/products/flash-player/apsa15-01.html

SECTRACK - 1031597

BID - 72283

SECUNIA - 62740

SECUNIA - 62660

SECUNIA - 62650

SECUNIA - 62432

MISC - http://malware.dontneedcoffee.com/2015/01/unpatched-vulnerability-0day-in-flash.html

SUSE - SUSE-SU-2015:0163

SUSE - SUSE-SU-2015:0151

CONFIRM - http://helpx.adobe.com/security/products/flash-player/apsb15-03.html

CONFIRM - https://technet.microsoft.com/library/security/2755801

SECUNIA - 62543

GENTOO - GLSA-201502-02

Related Patches

APSB15-03 Adobe Flash Player 16.0.0.296 for Mac OS X (See Notes)

APSB15-03 Adobe Flash Player 13.0.0.264 ESR for Mac OS X (See Notes)

Security Update for Internet Explorer Flash Player for Windows 8 and Windows Server 2012 (KB3035034)

Security Update for Internet Explorer Flash Player for Windows 8.1 and Windows Server 2012 R2 (KB3035034)


Last Updated: 27 May 2016 11:07:42