PT-2015-6066 · Adobe+3 · Flash Player+6

Published

2015-05-12

·

Updated

2017-01-03

·

CVE-2015-3079

CVSS v2.0

5.0

Medium

VectorAV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions Adobe Flash Player versions prior to 13.0.0.289 Adobe Flash Player versions 14.x through 17.x prior to 17.0.0.188 Adobe Flash Player version prior to 11.2.202.460 on Linux Adobe AIR version prior to 17.0.0.172 Adobe AIR SDK version prior to 17.0.0.172 Adobe AIR SDK & Compiler version prior to 17.0.0.172
Description The issue allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.
Recommendations For Adobe Flash Player versions prior to 13.0.0.289, update to version 13.0.0.289 or later. For Adobe Flash Player versions 14.x through 17.x prior to 17.0.0.188, update to version 17.0.0.188 or later. For Adobe Flash Player version prior to 11.2.202.460 on Linux, update to version 11.2.202.460 or later. For Adobe AIR version prior to 17.0.0.172, update to version 17.0.0.172 or later. For Adobe AIR SDK version prior to 17.0.0.172, update to version 17.0.0.172 or later. For Adobe AIR SDK & Compiler version prior to 17.0.0.172, update to version 17.0.0.172 or later.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

ALT-PU-2015-1438
CVE-2015-3079
MGASA-2015-0218
OPENSUSE-SU-2015_0914-1
RHSA-2015:1005
RHSA-2015_1005
SUSE-SU-2015:0878-1

Affected Products

Alt Linux
Air
Air Sdk
Air Sdk & Compiler
Flash Player
Red Hat
Suse