PT-2015-1252 · Adobe+3 · Flash Player+3

Published

2015-03-12

Updated

2017-07-01

CVE-2015-0342

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 13.0.0.277 Adobe Flash Player versions 14.x through 17.x before 17.0.0.134 Adobe Flash Player version 11.2.202.451 and earlier on Linux

Description The issue is related to a use-after-free vulnerability. This vulnerability allows attackers to execute arbitrary code via unspecified vectors. The estimated number of potentially affected devices worldwide is not provided. There is no information about real-world incidents where this issue was exploited.

Recommendations For Adobe Flash Player versions prior to 13.0.0.277, update to version 13.0.0.277 or later. For Adobe Flash Player versions 14.x through 17.x, update to version 17.0.0.134 or later. For Adobe Flash Player version 11.2.202.451 and earlier on Linux, update to version 11.2.202.451 or later.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2015-1278

BDU:2015-10261

BDU:2015-10262

CVE-2015-0342

MGASA-2015-0109

OPENSUSE-SU-2015_0490-1

RHSA-2015:0697

RHSA-2015_0697

SUSE-SU-2015:0491-1

Affected Products

Alt Linux

Flash Player

Red Hat

Suse

PT-2015-1252 · Adobe+3 · Flash Player+3

CVE-2015-0342

Weakness Enumeration

Related Identifiers

Affected Products

References · 84