Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2015-0043
HistoryJan 28, 2015 - 12:08 a.m.

Updated flash-player-plugin packages fix security vulnerabilities

2015-01-2800:08:29
Gentoo Foundation
advisories.mageia.org
18

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.972

Percentile

99.9%

JSON

Adobe Flash Player 11.2.202.440 contains fixes to critical security vulnerabilities found in earlier versions that could cause a crash and potentially allow an attacker to take control of the affected system. Adobe reports that CVE-2015-0311 is already being actively exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows. This update resolves a use-after-free vulnerability that could lead to code execution (CVE-2015-0311). This update resolves a double-free vulnerability that could lead to code execution (CVE-2015-0312).

OSVersionArchitecturePackageVersionFilename
Mageia4noarchflash-player-plugin<ย 11.2.202.440-1.1flash-player-plugin-11.2.202.440-1.1.mga4.nonfree

Related

openvas 7
nessus 13
redhat 1
prion 2
symantec 1
cvelist 2
checkpoint_advisories 3
ubuntucve 2
hackerone 1
nvd 2
suse 4
freebsd 1
cve 2
seebug 1
threatpost 7
cisa_kev 1
packetstorm 1
exploitdb 1
zdt 1
attackerkb 1
metasploit 1
cisa 1
thn 2
archlinux 1
gentoo 1
openvas
openvas
Adobe Flash Player Unspecified Code Execution Vulnerability (Jan 2015) - Linux
2015-01-27 00:00:00
Adobe Flash Player Unspecified Code Execution Vulnerability (Jan 2015) - Mac OS X
2015-01-27 00:00:00
Adobe Flash Player Unspecified Code Execution Vulnerability (Jan 2015) - Windows
2015-01-27 00:00:00
nessus
nessus
Google Chrome < 40.0.2214.93 Flash Player Multiple Remote Code Execution (Mac OS X)
2015-01-27 00:00:00
Google Chrome < 40.0.2214.93 Flash Player Multiple Remote Code Execution
2015-01-27 00:00:00
Flash Player <= 16.0.0.287 Unspecified Code Execution (APSA15-01 / APSB15-03)
2015-01-26 00:00:00
redhat
redhat
(RHSA-2015:0094) Critical: flash-plugin security update
2015-01-27 00:00:00
prion
prion
Double free
2015-01-28 22:59:00
Code injection
2015-01-23 21:59:00
symantec
symantec
Adobe Flash Player CVE-2015-0312 Double Free Remote Code Execution Vulnerability
2015-01-27 00:00:00
cvelist
cvelist
CVE-2015-0312
2015-01-28 22:00:00
CVE-2015-0311
2015-01-23 21:00:00
checkpoint_advisories
checkpoint_advisories
Adobe Flash Player Double Free (APSB15-03: CVE-2015-0312)
2015-02-01 00:00:00
Adobe Flash Player Memory Corruption (APSB15-03: CVE-2015-0310: CVE-2015-0311)
2015-01-28 00:00:00
Adobe Flash Player Action Script Evasion (CVE-2015-0310; CVE-2015-0311)
2015-01-26 00:00:00
ubuntucve
ubuntucve
CVE-2015-0312
2015-01-28 00:00:00
CVE-2015-0311
2015-01-23 00:00:00
hackerone
hackerone
Internet Bug Bounty: Race condition in workers may cause an exploitable double free by abusing bytearray.compress()
2015-02-09 18:36:18
nvd
nvd
CVE-2015-0312
2015-01-28 22:59:01
CVE-2015-0311
2015-01-23 21:59:04
suse
suse
Security update for flash-player (critical)
2015-01-27 14:04:56
Security update for flash-player (critical)
2015-01-27 10:05:24
Security update for flash-player (critical)
2015-01-28 19:08:21
freebsd
freebsd
Adobe Flash Player -- critical vulnerability
2015-01-22 00:00:00
cve
cve
CVE-2015-0312
2015-01-28 22:59:01
CVE-2015-0311
2015-01-23 21:59:04
seebug
seebug
Adobe Flash Player Convolution Filter UAF ๅ‘ฝไปคๆ‰ง่กŒ
2015-07-08 00:00:00
threatpost
threatpost
1,800 Domains Overtaken by Flash Zero Day
2015-02-03 14:27:13
Control Flow Guard Mitigation Bypass
2015-09-22 15:00:11
Adobe Auto-Update Flash Player Zero Day Patch
2015-01-26 11:17:58
cisa_kev
cisa_kev
Adobe Flash Player Remote Code Execution Vulnerability
2022-04-13 00:00:00
packetstorm
packetstorm
Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free
2015-03-12 00:00:00
exploitdb
exploitdb
Adobe Flash Player - ByteArray UncompressViaZlibVariant Use-After-Free (Metasploit)
2015-03-12 00:00:00
zdt
zdt
Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free Exploit
2015-03-12 00:00:00
attackerkb
attackerkb
CVE-2015-0311
2015-01-23 00:00:00
metasploit
metasploit
Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free
2015-05-20 23:57:59
cisa
cisa
Security Advisory for Adobe Flash Player
2015-01-26 00:00:00
thn
thn
Adobe patches 2nd Flash Player Zero-day Vulnerability
2015-01-25 08:11:00
Another Unpatched Adobe Flash Zero-Day vulnerability Exploited in the Wild
2015-02-02 06:29:00
archlinux
archlinux
flashplugin: multiple issues
2015-01-23 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2015-02-06 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.972

Percentile

99.9%

JSON
Related for MGASA-2015-0043
openvas7nessus13redhat1prion2symantec1cvelist2checkpoint_advisories3ubuntucve2hackerone1nvd2suse4freebsd1cve2seebug1threatpost7cisa_kev1packetstorm1exploitdb1zdt1attackerkb1metasploit1cisa1thn2archlinux1gentoo1