PT-2015-1265 · Adobe+3 · Flash Player+3
Published
2015-04-14
·
Updated
2017-10-07
·
CVE-2015-0359
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Adobe Flash Player versions prior to 13.0.0.281
Adobe Flash Player versions 14.x through 17.x before 17.0.0.169
Adobe Flash Player versions prior to 11.2.202.457 on Linux
Description
The issue is caused by a double free vulnerability in the Flash Player platform, allowing a remote attacker to execute arbitrary code. This can be achieved via unspecified vectors. The estimated number of potentially affected devices worldwide is not provided. There is no information about real-world incidents where this issue was exploited.
Recommendations
For Adobe Flash Player versions prior to 13.0.0.281, update to version 13.0.0.281 or later.
For Adobe Flash Player versions 14.x through 17.x, update to version 17.0.0.169 or later.
For Adobe Flash Player versions prior to 11.2.202.457 on Linux, update to version 11.2.202.457 or later.
Exploit
Fix
Double Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Flash Player
Red Hat
Suse