Lucene search

[email protected]CVE-2015-0353

HistoryApr 14, 2015 - 10:59 p.m.

CVE-2015-0353

2015-04-1422:59:07

[email protected]

web.nvd.nist.gov

In Wild

cve-2015-0353

adobe flash player

arbitrary code execution

dos

memory corruption

nvd

cve

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.934 High

EPSS

Percentile

99.1%

JSON

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.

Affected configurations

NVD

Node

adobeflash_playerRange≤11.2.202.451

AND

linuxlinux_kernelMatch-

Node

opensuseopensuseMatch13.1

opensuseopensuseMatch13.2

susesuse_linux_enterprise_desktopMatch11.0sp3

susesuse_linux_enterprise_desktopMatch12.0

susesuse_linux_workstation_extensionMatch12.0

Node

adobeflash_playerRange≤13.0.0.264

adobeflash_playerMatch14.0.0.125

adobeflash_playerMatch14.0.0.145

adobeflash_playerMatch14.0.0.176

adobeflash_playerMatch14.0.0.179

adobeflash_playerMatch15.0.0.152

adobeflash_playerMatch15.0.0.167

adobeflash_playerMatch15.0.0.189

adobeflash_playerMatch15.0.0.223

adobeflash_playerMatch15.0.0.239

adobeflash_playerMatch15.0.0.246

adobeflash_playerMatch16.0.0.235

adobeflash_playerMatch16.0.0.257

adobeflash_playerMatch16.0.0.287

adobeflash_playerMatch16.0.0.296

adobeflash_playerMatch17.0.0.134

AND

applemac_os_xMatch-

microsoftwindowsMatch-

Node

redhatenterprise_linux_desktop_supplementaryMatch5.0

redhatenterprise_linux_desktop_supplementaryMatch6.0

redhatenterprise_linux_server_supplementaryMatch5.0

redhatenterprise_linux_server_supplementaryMatch6.0

redhatenterprise_linux_server_supplementary_eusMatch6.6.z

redhatenterprise_linux_workstation_supplementaryMatch6.0

CPENameOperatorVersion
adobe:flash_playeradobe flash playerle11.2.202.451

CPE	Name	Operator	Version
adobe:flash_player	adobe flash player	le	11.2.202.451

References

lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html

lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html

lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html

lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html

rhn.redhat.com/errata/RHSA-2015-0813.html

www.securityfocus.com/bid/74062

www.securitytracker.com/id/1032105

helpx.adobe.com/security/products/flash-player/apsb15-06.html

security.gentoo.org/glsa/201504-07

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.934 High

EPSS

Percentile

99.1%

JSON

CVE-2015-0353

Affected configurations

References

Related