Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbSecurityObscurityEDB-ID:36491
HistoryMar 25, 2015 - 12:00 a.m.

Adobe Flash Player - Arbitrary Code Execution

2015-03-2500:00:00
SecurityObscurity
www.exploit-db.com
38

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.9

Confidence

High

EPSS

0.973

Percentile

99.9%

JSON
Source: https://github.com/SecurityObscurity/cve-2015-0313

PoC: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/36491.zip

Adobe Flash vulnerability source code (cve-2015-0313) from Angler Exploit Kit

Reference:

http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-new-adobe-flash-zero-day-exploit-used-in-malvertisements/
http://malware.dontneedcoffee.com/2015/02/cve-2015-0313-flash-up-to-1600296-and.html
https://helpx.adobe.com/security/products/flash-player/apsa15-02.html

Related

threatpost 5
checkpoint_advisories 2
canvas 1
exploitdb 1
nessus 11
zdt 1
cisa_kev 1
symantec 1
packetstorm 1
exploitpack 1
metasploit 1
thn 2
ubuntucve 5
prion 5
cvelist 5
nvd 5
cve 5
attackerkb 3
suse 4
mageia 1
archlinux 1
openvas 6
altlinux 1
githubexploit 2
threatpost
threatpost
Adobe Begins Patching Third Flash Player Zero Day
2015-02-04 16:44:42
Another Flash Zero Day Emerges
2015-02-02 08:51:33
Angler Exploit Kit, Bedep Malware Inflating Video Views
2015-05-05 08:00:41
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Remote Code Execution (APSA15-02: CVE-2015-0313)
2015-02-04 00:00:00
HanJuan Exploit Kit Landing Page (CVE-2015-0313)
2015-02-03 00:00:00
canvas
canvas
Immunity Canvas: ADOBE_FLASH_DOMAINMEMORY_UAF
2015-02-02 19:59:00
exploitdb
exploitdb
Adobe Flash Player - ByteArray With Workers Use-After-Free (Metasploit)
2015-03-31 00:00:00
nessus
nessus
FreeBSD : Adobe Flash Player -- critical vulnerability (734bcd49-aae6-11e4-a0c1-c485083ca99c) (deprecated)
2015-02-03 00:00:00
SuSE 11.3 Security Update : flash-player, flash-player-gnome, flash-player-kde4 (SAT Patch Number 10287)
2015-02-09 00:00:00
openSUSE Security Update : flash-player (openSUSE-2015-118)
2015-02-09 00:00:00
zdt
zdt
Adobe Flash Player ByteArray With Workers Use After Free Exploit
2015-04-02 00:00:00
cisa_kev
cisa_kev
Adobe Flash Player Use-After-Free Vulnerability
2022-04-13 00:00:00
symantec
symantec
Adobe Flash Player CVE-2015-0313 Remote Code Execution Vulnerability
2015-02-02 00:00:00
packetstorm
packetstorm
Adobe Flash Player ByteArray With Workers Use After Free
2015-03-30 00:00:00
exploitpack
exploitpack
Adobe Flash Player - Arbitrary Code Execution
2015-03-25 00:00:00
metasploit
metasploit
Adobe Flash Player ByteArray With Workers Use After Free
2015-03-27 23:51:13
thn
thn
Another Unpatched Adobe Flash Zero-Day vulnerability Exploited in the Wild
2015-02-02 06:29:00
Researchers Share New Insights Into RIG Exploit Kit Malware's Operations
2023-02-27 15:33:00
ubuntucve
ubuntucve
CVE-2015-0320
2015-02-06 00:00:00
CVE-2015-0315
2015-02-06 00:00:00
CVE-2015-0322
2015-02-06 00:00:00
prion
prion
Design/Logic Flaw
2015-02-06 00:59:00
Design/Logic Flaw
2015-02-06 00:59:00
Design/Logic Flaw
2015-02-02 19:59:00
cvelist
cvelist
CVE-2015-0320
2015-02-06 00:00:00
CVE-2015-0315
2015-02-06 00:00:00
CVE-2015-0313
2015-02-02 19:00:00
nvd
nvd
CVE-2015-0320
2015-02-06 00:59:05
CVE-2015-0322
2015-02-06 00:59:07
CVE-2015-0313
2015-02-02 19:59:00
cve
cve
CVE-2015-0320
2015-02-06 00:59:05
CVE-2015-0322
2015-02-06 00:59:07
CVE-2015-0315
2015-02-06 00:59:01
attackerkb
attackerkb
CVE-2015-0313
2015-02-02 00:00:00
CVE-2015-0322
2015-02-06 00:00:00
CVE-2015-0320
2015-02-06 00:00:00
suse
suse
Security update for flash-player, flash-player-gnome, flash-player-kde4 (critical)
2015-02-07 19:07:55
update for flash-player (critical)
2015-02-07 14:04:53
Security update for flash-player (critical)
2015-02-07 10:05:06
mageia
mageia
Updated flash-player-plugin packages fix security vulnerabilities
2015-02-06 19:51:41
archlinux
archlinux
flashplugin: remote code execution
2015-02-06 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0054)
2022-01-28 00:00:00
SUSE: Security Advisory for flash-player (SUSE-SU-2015:0236-1)
2015-10-16 00:00:00
SUSE: Security Advisory for flash-player (SUSE-SU-2015:0239-1)
2015-10-16 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package adobe-flash-player version 3:11-alt41
2015-02-06 00:00:00
githubexploit
githubexploit
Exploit for CVE-2014-4210
2022-03-19 01:54:15
Exploit for CVE-2014-4210
2022-03-19 01:54:15

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.9

Confidence

High

EPSS

0.973

Percentile

99.9%

JSON
Related for EDB-ID:36491
threatpost5checkpoint_advisories2canvas1exploitdb1nessus11zdt1cisa_kev1symantec1packetstorm1exploitpack1metasploit1thn2ubuntucve5prion5cvelist5nvd5cve5attackerkb3suse4mageia1archlinux1openvas6altlinux1githubexploit2