PT-2015-1253 · Adobe+3 · Flash Player+3

Published

2015-04-14

·

Updated

2018-10-30

·

CVE-2015-0346

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 13.0.0.281 Adobe Flash Player versions 14.x through 17.x before 17.0.0.169 Adobe Flash Player version before 11.2.202.457 on Linux
Description The issue is a double free vulnerability in Adobe Flash Player, allowing attackers to execute arbitrary code via unspecified vectors. This can be exploited by a remote attacker to execute arbitrary code.
Recommendations For Adobe Flash Player versions prior to 13.0.0.281, update to version 13.0.0.281 or later. For Adobe Flash Player versions 14.x through 17.x, update to version 17.0.0.169 or later. For Adobe Flash Player version before 11.2.202.457 on Linux, update to version 11.2.202.457 or later.

Exploit

Fix

Double Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-415

Related Identifiers

ALT-PU-2015-1384
BDU:2015-10263
BDU:2015-10264
CVE-2015-0346
MGASA-2015-0155
OPENSUSE-SU-2015_0718-1
RHSA-2015:0813
RHSA-2015_0813
SUSE-SU-2015:0722-1
SUSE-SU-2015_0723-1

Affected Products

Alt Linux
Flash Player
Red Hat
Suse