Lucene search

[email protected]CVE-2015-0321

HistoryFeb 06, 2015 - 12:59 a.m.

CVE-2015-0321

2015-02-0600:59:06

[email protected]

web.nvd.nist.gov

cve-2015-0321

adobe flash player

windows

os x

linux

arbitrary code execution

denial of service

memory corruption

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.975 High

EPSS

Percentile

100.0%

JSON

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0329, and CVE-2015-0330.

Affected configurations

NVD

Node

adobeflash_playerRange≤11.2.202.440

AND

linuxlinux_kernelMatch-

Node

adobeflash_playerRange≤13.0.0.264

adobeflash_playerMatch14.0.0.125

adobeflash_playerMatch14.0.0.145

adobeflash_playerMatch14.0.0.176

adobeflash_playerMatch14.0.0.179

adobeflash_playerMatch15.0.0.152

adobeflash_playerMatch15.0.0.167

adobeflash_playerMatch15.0.0.189

adobeflash_playerMatch15.0.0.223

adobeflash_playerMatch15.0.0.239

adobeflash_playerMatch15.0.0.246

adobeflash_playerMatch16.0.0.235

adobeflash_playerMatch16.0.0.257

adobeflash_playerMatch16.0.0.287

adobeflash_playerMatch16.0.0.296

AND

applemac_os_xMatch-

microsoftwindowsMatch-

CPENameOperatorVersion
adobe:flash_playeradobe flash playerle11.2.202.440

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	le	11.2.202.440

References

lists.opensuse.org/opensuse-security-announce/2015-02/msg00006.html

lists.opensuse.org/opensuse-security-announce/2015-02/msg00007.html

lists.opensuse.org/opensuse-security-announce/2015-02/msg00008.html

lists.opensuse.org/opensuse-security-announce/2015-02/msg00009.html

rhn.redhat.com/errata/RHSA-2015-0140.html

secunia.com/advisories/62777

secunia.com/advisories/62886

secunia.com/advisories/62895

security.gentoo.org/glsa/glsa-201502-02.xml

www.securityfocus.com/bid/72514

www.securitytracker.com/id/1031706

exchange.xforce.ibmcloud.com/vulnerabilities/100703

helpx.adobe.com/security/products/flash-player/apsb15-04.html

technet.microsoft.com/library/security/2755801

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.7 High

AI Score

Confidence

Low

0.975 High

EPSS

Percentile

100.0%

JSON

Related for CVE-2015-0321

cve5 prion6 nvd6 cvelist6 ubuntucve6 checkpoint_advisories6 nessus12 redhat1 suse4 openvas7 mageia1 archlinux1 altlinux1 zdi1 zdt1 packetstorm1 googleprojectzero5 metasploit1 gentoo1 exploitdb1 hackerone1