Lucene search
David Kraftsow (dontsave)ZDI-15-294HistoryJul 08, 2015 - 12:00 a.m.
Adobe Flash Sound Universal Cross Site Scripting Vulnerability
2015-07-0800:00:00
David Kraftsow (dontsave)
www.zerodayinitiative.com
23
EPSS
0.046
Percentile
92.6%
This vulnerability allows remote attackers to read arbitrary data on vulnerable Adobe Flash installations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Sound objects. A remote attacker can run arbitrary script in the context of any domain. An attacker can leverage this vulnerability to read browser cookies or saved passwords.
Related
checkpoint_advisories
checkpoint_advisories
cve
cve
cvelist
cvelist
prion
prion
Design/Logic Flaw
2015-07-09 16:59:00
Design/Logic Flaw
2015-07-09 16:59:00
Design/Logic Flaw
2015-07-09 16:59:00
ubuntucve
ubuntucve
nvd
nvd
redhat
redhat
(RHSA-2015:1214) Critical: flash-plugin security update
2015-07-08 00:00:00
nessus
nessus
Adobe Flash Player <= 18.0.0.194 Multiple Vulnerabilities (APSB15-16)
2015-07-09 00:00:00
Adobe AIR < 18.0.0.180 Multiple Vulnerabilities (APSB15-16)
2015-09-11 00:00:00
suse
suse
Security update for flash-player (critical)
2015-07-09 11:08:12
Security update for flash-player (critical)
2015-07-09 14:08:22
openvas
openvas
Adobe Flash Player Use-After-Free Vulnerability (Jul 2015) - Linux
2015-07-08 00:00:00
Mageia: Security Advisory (MGASA-2015-0273)
2015-10-15 00:00:00
SUSE: Security Advisory for flash-player (SUSE-SU-2015:1211-1)
2015-10-15 00:00:00
mageia
mageia
Updated flash-player-plugin package fixes critical security vulnerabilities
2015-07-09 11:09:20
altlinux
altlinux
kaspersky
kaspersky
KLA10623 Multiple vulnerabilities in Adobe products
2015-07-08 00:00:00
gentoo
gentoo
Adobe Flash Player: Multiple vulnerabilities
2015-07-10 00:00:00
securityvulns
securityvulns
Adobe Flash Player multiple security vulnerabilities
2015-07-19 00:00:00