PT-2015-1362 · Adobe+3 · Flash Player+3
Marcus Meissner
·
Published
2015-06-23
·
Updated
2025-11-17
·
CVE-2015-3113
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Adobe Flash Player versions prior to 13.0.0.296
Adobe Flash Player versions 14.x through 18.x before 18.0.0.194
Adobe Flash Player versions prior to 11.2.202.468 on Linux
Description
The issue is a heap-based buffer overflow in Adobe Flash Player that can be exploited by remote attackers to execute arbitrary code via unspecified vectors. This has been exploited in the wild in June 2015.
Recommendations
For Adobe Flash Player versions prior to 13.0.0.296, update to version 13.0.0.296 or later.
For Adobe Flash Player versions 14.x through 18.x, update to version 18.0.0.194 or later.
For Adobe Flash Player versions prior to 11.2.202.468 on Linux, update to version 11.2.202.468 or later.
Exploit
Fix
RCE
Buffer Overflow
Memory Corruption
Heap Based Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Alt Linux
Flash Player
Red Hat
Suse