PT-2015-1249 · Adobe+3 · Flash Player+3

Published

2015-03-12

·

Updated

2017-07-01

·

CVE-2015-0338

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 13.0.0.277 Adobe Flash Player versions 14.x through 17.x before 17.0.0.134 Adobe Flash Player version 11.2.202.451 and earlier on Linux
Description The issue is related to an integer overflow in Adobe Flash Player, which allows a remote attacker to execute arbitrary code.
Recommendations For Adobe Flash Player versions prior to 13.0.0.277, update to version 13.0.0.277 or later. For Adobe Flash Player versions 14.x through 17.x, update to version 17.0.0.134 or later. For Adobe Flash Player version 11.2.202.451 and earlier on Linux, update to version 11.2.202.451 or later.

Exploit

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

ALT-PU-2015-1278
BDU:2015-10255
BDU:2015-10256
CVE-2015-0338
MGASA-2015-0109
OPENSUSE-SU-2015_0490-1
RHSA-2015:0697
RHSA-2015_0697
SUSE-SU-2015:0491-1

Affected Products

Alt Linux
Flash Player
Red Hat
Suse