PT-2015-1138 · Adobe+3 · Flash Player+6
Publicado
2015-01-13
·
Atualizado
2017-09-08
·
CVE-2015-0306
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Adobe AIR versions prior to 16.0.0.245 on Windows and OS X and prior to 16.0.0.272 on Android
Adobe AIR SDK versions prior to 16.0.0.272
Adobe AIR SDK & Compiler versions prior to 16.0.0.272
Adobe Flash Player versions prior to 13.0.0.260 and 14.x through 16.x prior to 16.0.0.257 on Windows and OS X and prior to 11.2.202.429 on Linux
Description
The issue exists due to a memory handling error. Exploitation of this issue may allow a remote attacker to cause a denial of service or execute arbitrary code.
Recommendations
For Adobe AIR versions prior to 16.0.0.245 on Windows and OS X and prior to 16.0.0.272 on Android, update to version 16.0.0.245 or later on Windows and OS X and to version 16.0.0.272 or later on Android.
For Adobe AIR SDK versions prior to 16.0.0.272, update to version 16.0.0.272 or later.
For Adobe AIR SDK & Compiler versions prior to 16.0.0.272, update to version 16.0.0.272 or later.
For Adobe Flash Player versions prior to 13.0.0.260 and 14.x through 16.x prior to 16.0.0.257 on Windows and OS X and prior to 11.2.202.429 on Linux, update to version 13.0.0.260 or later and 16.0.0.257 or later on Windows and OS X and to version 11.2.202.429 or later on Linux.
Exploit
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Alt Linux
Air
Air Sdk
Air Sdk & Compiler
Flash Player
Red Hat
Suse