PT-2015-4575 · Adobe+3 · Flash Player+3
Publicado
2015-04-14
·
Atualizado
2017-01-03
·
CVE-2015-0357
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Adobe Flash Player versions prior to 13.0.0.281
Adobe Flash Player versions 14.x through 17.x before 17.0.0.169
Adobe Flash Player version 11.2.202.457 and earlier on Linux
Description
The issue allows attackers to bypass the ASLR protection mechanism via unspecified vectors by not properly restricting discovery of memory addresses. This enables attackers to access information related to memory addresses, which can be used to exploit the system.
Recommendations
For Adobe Flash Player versions prior to 13.0.0.281, update to version 13.0.0.281 or later.
For Adobe Flash Player versions 14.x through 17.x, update to version 17.0.0.169 or later.
For Adobe Flash Player version 11.2.202.457 and earlier on Linux, update to version 11.2.202.457 or later.
Exploit
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Alt Linux
Flash Player
Red Hat
Suse