PT-2015-1251 · Adobe+3 · Flash Player+3

Published

2015-03-12

Updated

2017-07-01

CVE-2015-0341

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 13.0.0.277 Adobe Flash Player versions 14.x through 17.x before 17.0.0.134 Adobe Flash Player version 11.2.202.451 and earlier on Linux

Description The issue is caused by a use-after-free vulnerability in Adobe Flash Player, allowing remote attackers to execute arbitrary code via unspecified vectors. This vulnerability can be exploited by attackers to gain control over affected systems.

Recommendations For Adobe Flash Player versions prior to 13.0.0.277, update to version 13.0.0.277 or later. For Adobe Flash Player versions 14.x through 17.x, update to version 17.0.0.134 or later. For Adobe Flash Player version 11.2.202.451 and earlier on Linux, update to version 11.2.202.451 or later. As a temporary workaround, consider disabling Adobe Flash Player until a patch is available.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2015-1278

BDU:2015-10259

BDU:2015-10260

CVE-2015-0341

MGASA-2015-0109

OPENSUSE-SU-2015_0490-1

RHSA-2015:0697

RHSA-2015_0697

SUSE-SU-2015:0491-1

ZDI-15-087

Affected Products

Alt Linux

Flash Player

Red Hat

Suse

PT-2015-1251 · Adobe+3 · Flash Player+3

CVE-2015-0341

Weakness Enumeration

Related Identifiers

Affected Products

References · 85