PT-2015-1136 · Adobe+3 · Flash Player+6
Published
2015-01-13
·
Updated
2017-09-08
·
CVE-2015-0303
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Adobe Flash Player versions prior to 13.0.0.260
Adobe Flash Player versions 14.x through 16.x prior to 16.0.0.257
Adobe Flash Player version 11.2.202.429 and earlier on Linux
Adobe AIR versions prior to 16.0.0.245 on Windows and OS X
Adobe AIR version 16.0.0.272 and earlier on Android
Adobe AIR SDK version 16.0.0.272 and earlier
Adobe AIR SDK & Compiler version 16.0.0.272 and earlier
Description
The issue exists due to a memory handling error. Exploitation of this issue may allow a remote attacker to cause a denial of service or execute arbitrary code.
Recommendations
For Adobe Flash Player versions prior to 13.0.0.260, update to version 13.0.0.260 or later.
For Adobe Flash Player versions 14.x through 16.x prior to 16.0.0.257, update to version 16.0.0.257 or later.
For Adobe Flash Player version 11.2.202.429 and earlier on Linux, update to version 11.2.202.429 or later.
For Adobe AIR versions prior to 16.0.0.245 on Windows and OS X, update to version 16.0.0.245 or later.
For Adobe AIR version 16.0.0.272 and earlier on Android, update to version 16.0.0.272 or later.
For Adobe AIR SDK version 16.0.0.272 and earlier, update to version 16.0.0.272 or later.
For Adobe AIR SDK & Compiler version 16.0.0.272 and earlier, update to version 16.0.0.272 or later.
Exploit
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Air
Air Sdk
Air Sdk & Compiler
Flash Player
Red Hat
Suse