PT-2015-1263 · Adobe+3 · Flash Player+3

Published

2015-04-14

Updated

2017-01-03

CVE-2015-0356

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 13.0.0.281 Adobe Flash Player versions 14.x through 17.x before 17.0.0.169 on Windows and OS X Adobe Flash Player versions prior to 11.2.202.457 on Linux

Description The issue is related to a type confusion that allows an attacker to execute arbitrary code. This can be exploited by a remote attacker. The estimated number of potentially affected devices and details about real-world incidents are not provided.

Recommendations For Adobe Flash Player versions prior to 13.0.0.281, update to version 13.0.0.281 or later. For Adobe Flash Player versions 14.x through 17.x before 17.0.0.169 on Windows and OS X, update to version 17.0.0.169 or later. For Adobe Flash Player versions prior to 11.2.202.457 on Linux, update to version 11.2.202.457 or later.

Exploit

Fix

Type Confusion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-843

Related Identifiers

ALT-PU-2015-1384

BDU:2015-10283

BDU:2015-10284

CVE-2015-0356

MGASA-2015-0155

OPENSUSE-SU-2015_0718-1

RHSA-2015:0813

RHSA-2015_0813

SUSE-SU-2015:0722-1

Affected Products

Alt Linux

Flash Player

Red Hat

Suse

PT-2015-1263 · Adobe+3 · Flash Player+3

CVE-2015-0356

Weakness Enumeration

Related Identifiers

Affected Products

References · 155