Lucene search
AdobeCVE-2015-0346HistoryApr 14, 2015 - 10:59 p.m.
CVE-2015-0346
2015-04-1422:59:00
adobe
web.nvd.nist.gov
64
cve-2015-0346
adobe flash player
double free vulnerability
arbitrary code execution
unspecified vectors
nvd
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
Low
EPSS
0.975
Percentile
100.0%
Double free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0359.
Affected configurations
Node
redhatenterprise_linux_desktop_supplementaryMatch5.0
ORredhatenterprise_linux_desktop_supplementaryMatch6.0
ORredhatenterprise_linux_server_supplementaryMatch5.0
ORredhatenterprise_linux_server_supplementaryMatch6.0
ORredhatenterprise_linux_server_supplementary_eusMatch6.6.z
ORredhatenterprise_linux_workstation_supplementaryMatch6.0
Node
opensuseopensuseMatch13.1
ORopensuseopensuseMatch13.2
ORsusesuse_linux_enterprise_desktopMatch11.0sp3
ORsusesuse_linux_enterprise_desktopMatch12.0
ORsusesuse_linux_workstation_extensionMatch12.0
Node
adobeflash_playerRange≤13.0.0.264
ORadobeflash_playerMatch14.0.0.125
ORadobeflash_playerMatch14.0.0.145
ORadobeflash_playerMatch14.0.0.176
ORadobeflash_playerMatch14.0.0.179
ORadobeflash_playerMatch15.0.0.152
ORadobeflash_playerMatch15.0.0.167
ORadobeflash_playerMatch15.0.0.189
ORadobeflash_playerMatch15.0.0.223
ORadobeflash_playerMatch15.0.0.239
ORadobeflash_playerMatch15.0.0.246
ORadobeflash_playerMatch16.0.0.235
ORadobeflash_playerMatch16.0.0.257
ORadobeflash_playerMatch16.0.0.287
ORadobeflash_playerMatch16.0.0.296
ORadobeflash_playerMatch17.0.0.134
applemac_os_xMatch-
ORmicrosoftwindowsMatch-
Node
adobeflash_playerRange≤11.2.202.451
linuxlinux_kernelMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | enterprise_linux_desktop_supplementary | 5.0 | cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:* |
| redhat | enterprise_linux_desktop_supplementary | 6.0 | cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_supplementary | 5.0 | cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_supplementary | 6.0 | cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:* |
| redhat | enterprise_linux_server_supplementary_eus | 6.6.z | cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.6.z:*:*:*:*:*:*:* |
| redhat | enterprise_linux_workstation_supplementary | 6.0 | cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:* |
| opensuse | opensuse | 13.1 | cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* |
| opensuse | opensuse | 13.2 | cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:* |
| suse | suse_linux_enterprise_desktop | 11.0 | cpe:2.3:o:suse:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:* |
| suse | suse_linux_enterprise_desktop | 12.0 | cpe:2.3:o:suse:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:* |
References
lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html
lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html
lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html
lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html
rhn.redhat.com/errata/RHSA-2015-0813.html
www.securityfocus.com/bid/74067
www.securitytracker.com/id/1032105
helpx.adobe.com/security/products/flash-player/apsb15-06.html
security.gentoo.org/glsa/201504-07
Related
nvd
nvd
CVE-2015-0346
2015-04-14 22:59:00
CVE-2015-0359
2015-04-14 22:59:12
prion
prion
Double free
2015-04-14 22:59:00
Double free
2015-04-14 22:59:00
ubuntucve
ubuntucve
CVE-2015-0346
2015-04-14 00:00:00
CVE-2015-0359
2015-04-14 00:00:00
cvelist
cvelist
CVE-2015-0346
2015-04-14 22:00:00
CVE-2015-0359
2015-04-14 22:00:00
cve
cve
CVE-2015-0359
2015-04-14 22:59:12
hackerone
hackerone
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Double Free (APSB15-06: CVE-2015-0346)
2015-04-15 00:00:00
Adobe Flash Player Double Free (APSB15-06: CVE-2015-0359)
2015-04-16 00:00:00
metasploit
metasploit
Adobe Flash Player domainMemory ByteArray Use After Free
2015-05-07 22:00:00
zdt
zdt
Adobe Flash Player domainMemory ByteArray Use After Free Exploit
2015-05-08 00:00:00
packetstorm
packetstorm
Adobe Flash Player domainMemory ByteArray Use After Free
2015-05-07 00:00:00
exploitdb
exploitdb
Adobe Flash Player - domainMemory ByteArray Use-After-Free (Metasploit)
2015-05-08 00:00:00
threatpost
threatpost
freebsd
freebsd
Adobe Flash Player -- critical vulnerabilities
2015-04-14 00:00:00
nessus
nessus
SuSE 11.3 Security Update : flash-player (SAT Patch Number 10615)
2015-04-16 00:00:00
openSUSE Security Update : Adobe Flash Player (openSUSE-2015-304)
2015-04-16 00:00:00
Adobe AIR for Mac <= 17.0.0.144 Multiple Vulnerabilities (APSB15-06)
2015-06-12 00:00:00
openvas
openvas
Adobe Flash Player Multiple Vulnerabilities - 01 (Apr 2015) - Mac OS X
2015-04-20 00:00:00
Adobe Flash Player Multiple Vulnerabilities - 01 (Apr 2015) - Linux
2015-04-20 00:00:00
Mageia: Security Advisory (MGASA-2015-0155)
2022-01-28 00:00:00
altlinux
altlinux
redhat
redhat
(RHSA-2015:0813) Critical: flash-plugin security update
2015-04-15 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2015-04-17 00:00:00
suse
suse
Security update for Adobe Flash Player (important)
2015-04-15 13:05:12
Security update for Adobe Flash Player (important)
2015-04-15 10:04:46
Security update for flash-player (important)
2015-04-16 00:04:48
archlinux
archlinux
flashplugin: multiple issues
2015-04-17 00:00:00
kaspersky
kaspersky
KLA10547 Multiple vulnerabilities in Adobe Flash Player
2015-04-14 00:00:00
mageia
mageia
Updated flash-player-plugin packages fix security vulnerabilities
2015-04-15 12:01:28
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.5
Confidence
Low
EPSS
0.975
Percentile
100.0%
Related for CVE-2015-0346