CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
100.0%
Adobe Flash Player 11.2.202.442 contains fixes to critical security vulnerabilities found in earlier versions that could cause a crash and potentially allow an attacker to take control of the affected system. This update resolves use-after-free vulnerabilities that could lead to code execution (CVE-2015-0313, CVE-2015-0315, CVE-2015-0320, CVE-2015-0322). This update resolves memory corruption vulnerabilities that could lead to code execution (CVE-2015-0314, CVE-2015-0316, CVE-2015-0318, CVE-2015-0321, CVE-2015-0329, CVE-2015-0330). This update resolves type confusion vulnerabilities that could lead to code execution (CVE-2015-0317, CVE-2015-0319). This update resolves heap buffer overflow vulnerabilities that could lead to code execution (CVE-2015-0323, CVE-2015-0327). This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2015-0324). This update resolves null pointer dereference issues (CVE-2015-0325, CVE-2015-0326, CVE-2015-0328). Adobe reports that CVE-2015-0313 is already being actively exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows, but it also reports that this specific vulnerability is not exploitable on any Flash Player version 11.x or older, which is what is provided on Mageia 4.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 4 | noarch | flash-player-plugin | <Β 11.2.202.442-1 | flash-player-plugin-11.2.202.442-1.mga4.nonfree |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
100.0%