PT-2015-1448 · Adobe+3 · Air+4

Published

2015-07-08

Updated

2017-09-22

CVE-2015-3120

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Flash Player (affected versions not specified) Adobe AIR (affected versions not specified) ALT Linux (affected versions not specified)

Description The issue is related to errors in data type mixing, which can be exploited by a remote attacker to execute arbitrary code.

Recommendations For Adobe Flash Player, consider disabling the vulnerable components until a patch is available. For Adobe AIR, restrict access to potentially vulnerable modules to minimize the risk of exploitation. For ALT Linux, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Type Confusion

Incorrect Type Conversion or Cast

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-843CWE-704

Related Identifiers

ALT-PU-2015-1596

BDU:2015-10588

BDU:2015-10589

BDU:2015-10590

CVE-2015-3120

MGASA-2015-0273

RHSA-2015:1214

RHSA-2015_1214

SUSE-SU-2015:1211-1

Affected Products

Alt Linux

Air

Flash Player

Red Hat

Suse

PT-2015-1448 · Adobe+3 · Air+4

CVE-2015-3120

Weakness Enumeration

Related Identifiers

Affected Products

References · 242