PT-2015-6061 · Adobe+3 · Flash Player+3
Published
2015-04-14
·
Updated
2018-10-30
·
CVE-2015-3040
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Adobe Flash Player versions prior to 13.0.0.281
Adobe Flash Player versions 14.x through 17.x before 17.0.0.169 on Windows and OS X
Adobe Flash Player versions prior to 11.2.202.457 on Linux
Description
The issue allows attackers to bypass the ASLR protection mechanism. This is due to the software not properly restricting discovery of memory addresses.
Recommendations
For Adobe Flash Player versions prior to 13.0.0.281, update to version 13.0.0.281 or later.
For Adobe Flash Player versions 14.x through 17.x before 17.0.0.169 on Windows and OS X, update to version 17.0.0.169 or later.
For Adobe Flash Player versions prior to 11.2.202.457 on Linux, update to version 11.2.202.457 or later.
Exploit
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Flash Player
Red Hat
Suse