PT-2015-1448 · Adobe+3 · Air+4

Publicado

2015-07-08

Atualizado

2017-09-22

CVE-2015-3120

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Flash Player (affected versions not specified) Adobe AIR (affected versions not specified) ALT Linux (affected versions not specified)

Description The issue is related to errors in data type mixing, which can be exploited by a remote attacker to execute arbitrary code.

Recommendations For Adobe Flash Player, consider disabling the vulnerable components until a patch is available. For Adobe AIR, restrict access to potentially vulnerable modules to minimize the risk of exploitation. For ALT Linux, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Type Confusion

Incorrect Type Conversion or Cast

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-843CWE-704

Identificadores relacionados

ALT-PU-2015-1596

BDU:2015-10588

BDU:2015-10589

BDU:2015-10590

CVE-2015-3120

MGASA-2015-0273

RHSA-2015:1214

RHSA-2015_1214

SUSE-SU-2015:1211-1

Produtos afetados

Alt Linux

Air

Flash Player

Red Hat

Suse

PT-2015-1448 · Adobe+3 · Air+4

CVE-2015-3120

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 242