PT-2015-1622 · Adobe+3 · Flash Player+6

Publicado

2015-07-08

·

Atualizado

2017-09-22

·

CVE-2015-3114

CVSS v2.0

5.0

Média

VetorAV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 13.0.0.302 Adobe Flash Player versions 14.x through 18.x prior to 18.0.0.203 Adobe AIR versions prior to 18.0.0.180 Adobe AIR SDK versions prior to 18.0.0.180 Adobe AIR SDK & Compiler versions prior to 18.0.0.180
Description The issue is related to inadequate access control in the software platform, allowing a remote attacker to bypass existing restrictions and gain access to sensitive information.
Recommendations For Adobe Flash Player versions prior to 13.0.0.302, update to version 13.0.0.302 or later. For Adobe Flash Player versions 14.x through 18.x prior to 18.0.0.203, update to version 18.0.0.203 or later. For Adobe AIR versions prior to 18.0.0.180, update to version 18.0.0.180 or later. For Adobe AIR SDK versions prior to 18.0.0.180, update to version 18.0.0.180 or later. For Adobe AIR SDK & Compiler versions prior to 18.0.0.180, update to version 18.0.0.180 or later.

Exploit

Correção

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284

Identificadores relacionados

ALT-PU-2015-1596
BDU:2015-10957
BDU:2015-10958
BDU:2015-10959
CVE-2015-3114
MGASA-2015-0273
RHSA-2015:1214
RHSA-2015_1214
SUSE-SU-2015:1211-1

Produtos afetados

Alt Linux
Air
Air Sdk
Air Sdk & Compiler
Flash Player
Red Hat
Suse