ID

VAR-201501-0117


CVE

CVE-2015-0312


TITLE

Adobe Flash Player Memory double free vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2015-001263

DESCRIPTION

Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0.0.296 on Windows and OS X and before 11.2.202.440 on Linux allows attackers to execute arbitrary code via unspecified vectors. Supplementary information : CWE Vulnerability type by CWE-415: Double Free ( Double release ) Has been identified. http://cwe.mitre.org/data/definitions/415.htmlAn attacker could execute arbitrary code. Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. Failed exploit attempts will likely cause a denial-of-service condition. The product enables viewing of applications, content and video across screens and browsers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2015:0094-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-0094.html Issue date: 2015-01-27 CVE Names: CVE-2015-0310 CVE-2015-0311 CVE-2015-0312 ===================================================================== 1. Summary: An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. These vulnerabilities are detailed in the Adobe Security Bulletin APSB15-02, and APSB15-03, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1185137 - CVE-2015-0310 flash-plugin: Vulnerability that could be used to circumvent memory randomization mitigations (APSB15-02) 1185296 - CVE-2015-0311 CVE-2015-0312 flash-plugin: multiple critical vulnerabilities (APSA15-01)(APSB15-03) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.440-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.440-1.el5.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.440-1.el5.i386.rpm x86_64: flash-plugin-11.2.202.440-1.el5.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.440-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.440-1.el6.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.440-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.440-1.el6.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.440-1.el6.i686.rpm x86_64: flash-plugin-11.2.202.440-1.el6.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-0310 https://access.redhat.com/security/cve/CVE-2015-0311 https://access.redhat.com/security/cve/CVE-2015-0312 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb15-02.html https://helpx.adobe.com/security/products/flash-player/apsb15-03.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFUyAGGXlSAg2UNWIIRAi1BAJ9Q5Uq7Z9D/i5dIrMbLRMK/TUbVpQCfZhjG Xjm8B3oIdHx7wx6dzJxrEAw= =70K0 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 2.16

sources: NVD: CVE-2015-0312 // JVNDB: JVNDB-2015-001263 // BID: 72343 // VULHUB: VHN-78258 // VULMON: CVE-2015-0312 // PACKETSTORM: 130128

AFFECTED PRODUCTS

vendor:adobemodel:flash playerscope:lteversion:13.0.0.262

Trust: 1.0

vendor:adobemodel:flash playerscope:lteversion:11.2.202.438

Trust: 1.0

vendor:adobemodel:flash playerscope:lteversion:16.0.0.287

Trust: 1.0

vendor:adobemodel:flash player desktop runtimescope:lteversion:16.0.0.287

Trust: 1.0

vendor:adobemodel:flash playerscope:eqversion:13.0.0.262

Trust: 0.9

vendor:adobemodel:flash playerscope:eqversion:13.0.0.260

Trust: 0.9

vendor:adobemodel:flash playerscope:eqversion:13.0.0.231

Trust: 0.9

vendor:adobemodel:flash playerscope:eqversion:11.2.202.291

Trust: 0.9

vendor:adobemodel:flash playerscope:eqversion:11.2.202.275

Trust: 0.9

vendor:adobemodel:flash playerscope:eqversion:11.2.202.273

Trust: 0.9

vendor:adobemodel:flash playerscope:eqversion:11.2.202.270

Trust: 0.9

vendor:adobemodel:flash playerscope:eqversion:11.2.202.262

Trust: 0.9

vendor:adobemodel:flash playerscope:eqversion:11.2.202.261

Trust: 0.9

vendor:adobemodel:flash playerscope:eqversion:11.2.202.258

Trust: 0.9

vendor:googlemodel:chromescope:ltversion:40.0.2214.93 (windows/machintosh/linux)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:11.2.202.440 (linux)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:16.0.0.296 (internet explorer 10/11)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:16.0.0.296 (windows/machintosh/linux edition chrome)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:desktop runtime 16.0.0.296 (windows/macintosh)

Trust: 0.8

vendor:adobemodel:flash playerscope:ltversion:continuous support release 13.0.0.264 (windows/macintosh)

Trust: 0.8

vendor:microsoftmodel:internet explorerscope:eqversion:10 (windows 8/windows server 2012/windows rt)

Trust: 0.8

vendor:microsoftmodel:internet explorerscope:eqversion:11 (windows 8.1/windows server 2012 r2/windows rt 8.1)

Trust: 0.8

vendor:redhatmodel:enterprise linux workstation supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux supplementary serverscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux server supplementary eus 6.6.zscope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux server supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementary clientscope:eqversion:5

Trust: 0.3

vendor:microsoftmodel:internet explorerscope:eqversion:11

Trust: 0.3

vendor:microsoftmodel:internet explorerscope:eqversion:10

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:16.0235

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:14.0179

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:14.0177

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:14.0176

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:13.0259

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:13.0252

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:13.0214

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:13.0182

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:12.070

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.7.700275

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.7.700232

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.7.700169

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.6.602105

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.5.502131

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.5.502124

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.5.502118

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.5.50080

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.4.400231

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.3.300271

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.3.300270

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.3.300268

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.3.300265

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.3.300262

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.3.300257

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.3.300250

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.3.300231

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.3.300214

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.20295

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202425

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202418

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202400

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202359

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202350

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202346

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202341

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202297

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202280

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202238

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202236

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202221

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202197

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202160

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.11569

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.11554

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.11164

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.11150

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.0.198

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.0.160

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.0.1129

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.53.64

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.51.66

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.452

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.3218

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.22.87

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.15.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.12.36

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.12.35

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.262

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.2460

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.152.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.151.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.124.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.9.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.8.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.48.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.47.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.45.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.31.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.289.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.283.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.280

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.28.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.277.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.262.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.260.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.159.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.155.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0.115.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:9

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:8.0.35.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:8.0.34.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:8

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.73.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.70.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.69.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.68.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.67.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.66.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.61.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.60.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.53.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.24.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.19.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7.0.14.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:6.0.79

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:6.0.21.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:4

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:2

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:16.0.0.291

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:16.0.0.287

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:16.0.0.257

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:15.0.0.246

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:15.0.0.242

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:15.0.0.239

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:15.0.0.223

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:15.0.0.189

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:15.0.0.152

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:14.0.0.145

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:14.0.0.125

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:13.0.0.258

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:13.0.0.250

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:13.0.0.244

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:13.0.0.241

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:13.0.0.223

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:13.0.0.206

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:13.0.0.201

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:12.0.0.77

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:12.0.0.44

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:12.0.0.43

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:12.0.0.41

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:12.0.0.38

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:12

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.9.900.170

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.9.900.152

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.9.900.117

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.8.800.97

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.8.800.94

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.8.800.170

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.8.800.168

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.7.700.279

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.7.700.272

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.7.700.269

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.7.700.261

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.7.700.260

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.7.700.257

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.7.700.252

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.7.700.242

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.7.700.225

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.7.700.224

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.7.700.203

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.7.700.202

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.6.602.180

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.6.602.171

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.6.602.168

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.6.602.167

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.5.502.149

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.5.502.146

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.5.502.136

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.5.502.135

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.5.502.110

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.4.402.287

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.4.402.278

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.4.402.265

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.3.378.5

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.3.31.230

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.3.300.273

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.438

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.429

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.424

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.411

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.406

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.394

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.378

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.356

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.336

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.335

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.332

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.327

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.310

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.285

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.251

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.243

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.238

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.235

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.233

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.229

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.228

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.2.202.223

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.81

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.8

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.63

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.6

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.59

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.58

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.48

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.34

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.115.11

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.112.61

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.9

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.8

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.73

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.6

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.54

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.5

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.44

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.111.10

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.102.63

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.102.62

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.102.59

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.102.55

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1.102.228

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.0.1.153

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.0.1.152

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:11.0

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.6

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.186.2

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.25

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.24

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.23

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.22

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.185.21

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.86

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.75

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.7

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.68

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.67

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.63

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.61

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.51

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.50

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.5

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.48

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.43

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.4

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.29

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.25

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.23

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.20

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.19

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.18

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.16

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.15

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.11

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.183.10

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.34

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.26

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.23

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.22

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.16

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.3.181.14

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.159.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.157.51

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.156.12

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.28

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.27

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.25

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.24

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.18

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.154.13

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.153.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.33

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.32

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.26

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152.21

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.2.152

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.95.2

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.95.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.92.8

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.92.10

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.85.3

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.82.76

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.52.15

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.52.14.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.52.14

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.106.17

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.106.16

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.105.6

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.102.65

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1.102.64

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.1

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.42.34

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.32.18

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10.0.2.54

Trust: 0.3

vendor:adobemodel:flash playerscope:eqversion:10

Trust: 0.3

vendor:adobemodel:flash playerscope:neversion:16.0.0.296

Trust: 0.3

vendor:adobemodel:flash playerscope:neversion:13.0.0.264

Trust: 0.3

vendor:adobemodel:flash playerscope:neversion:11.2.202.440

Trust: 0.3

sources: BID: 72343 // JVNDB: JVNDB-2015-001263 // CNNVD: CNNVD-201501-668 // NVD: CVE-2015-0312

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-0312
value: HIGH

Trust: 1.0

NVD: CVE-2015-0312
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201501-668
value: CRITICAL

Trust: 0.6

VULHUB: VHN-78258
value: HIGH

Trust: 0.1

VULMON: CVE-2015-0312
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2015-0312
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: CVE-2015-0312
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-78258
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-78258 // VULMON: CVE-2015-0312 // JVNDB: JVNDB-2015-001263 // CNNVD: CNNVD-201501-668 // NVD: CVE-2015-0312

PROBLEMTYPE DATA

problemtype:CWE-415

Trust: 1.1

problemtype:CWE-Other

Trust: 0.8

sources: VULHUB: VHN-78258 // JVNDB: JVNDB-2015-001263 // NVD: CVE-2015-0312

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201501-668

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201501-668

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-001263

PATCH

title:APSB15-03url:http://helpx.adobe.com/security/products/flash-player/apsb15-03.html

Trust: 0.8

title:APSB15-03url:http://helpx.adobe.com/jp/security/products/flash-player/apsb15-03.html

Trust: 0.8

title:Stable Channel Updateurl:http://googlechromereleases.blogspot.jp/2015/01/stable-channel-update_26.html

Trust: 0.8

title:Google Chromeurl:https://www.google.com/intl/ja/chrome/browser/features.html

Trust: 0.8

title:Update for Vulnerabilities in Adobe Flash Player in Internet Explorer (2755801)url:https://technet.microsoft.com/en-us/library/security/2755801

Trust: 0.8

title:Internet Explorer 上の Adobe Flash Player の脆弱性に対応する更新プログラム (2755801)url:https://technet.microsoft.com/ja-jp/library/security/2755801

Trust: 0.8

title:アドビ システムズ社 Adobe Flash Player の脆弱性に関するお知らせurl:http://www.fmworld.net/biz/common/adobe/20150129f.html

Trust: 0.8

title:flashplayer_16.0.0.296_sa_debugurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53510

Trust: 0.6

title:flashplayer_16.0.0.296_ax_debugurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53509

Trust: 0.6

title:flashplayer_13.0.0.264_plugin_debugurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53508

Trust: 0.6

title:flashplayer_13.0.0.264_ax_debugurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53507

Trust: 0.6

title:flashplayer_11.2.202.440_plugin_debug.i386url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=53511

Trust: 0.6

title:The Registerurl:https://www.theregister.co.uk/2015/01/27/adobe_issues_second_emergency_flash_patch_this_month/

Trust: 0.2

title:Red Hat: Critical: flash-plugin security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20150094 - Security Advisory

Trust: 0.1

title:Red Hat: CVE-2015-0312url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2015-0312

Trust: 0.1

title:CVE-Studyurl:https://github.com/thdusdl1219/CVE-Study

Trust: 0.1

sources: VULMON: CVE-2015-0312 // JVNDB: JVNDB-2015-001263 // CNNVD: CNNVD-201501-668

EXTERNAL IDS

db:NVDid:CVE-2015-0312

Trust: 3.0

db:BIDid:72343

Trust: 2.1

db:SECUNIAid:62543

Trust: 1.8

db:SECUNIAid:62660

Trust: 1.8

db:SECUNIAid:62432

Trust: 1.8

db:SECTRACKid:1031634

Trust: 1.8

db:JVNDBid:JVNDB-2015-001263

Trust: 0.8

db:CNNVDid:CNNVD-201501-668

Trust: 0.7

db:VULHUBid:VHN-78258

Trust: 0.1

db:VULMONid:CVE-2015-0312

Trust: 0.1

db:PACKETSTORMid:130128

Trust: 0.1

sources: VULHUB: VHN-78258 // VULMON: CVE-2015-0312 // BID: 72343 // JVNDB: JVNDB-2015-001263 // PACKETSTORM: 130128 // CNNVD: CNNVD-201501-668 // NVD: CVE-2015-0312

REFERENCES

url:http://helpx.adobe.com/security/products/flash-player/apsb15-03.html

Trust: 2.2

url:https://technet.microsoft.com/library/security/2755801

Trust: 2.1

url:http://www.securityfocus.com/bid/72343

Trust: 1.8

url:http://www.securitytracker.com/id/1031634

Trust: 1.8

url:http://secunia.com/advisories/62432

Trust: 1.8

url:http://secunia.com/advisories/62543

Trust: 1.8

url:http://secunia.com/advisories/62660

Trust: 1.8

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/100394

Trust: 1.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0312

Trust: 0.8

url:http://www.ipa.go.jp/security/ciadr/vul/20150128-adobeflashplayer.html

Trust: 0.8

url:http://www.jpcert.or.jp/at/2015/at150004.html

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0312

Trust: 0.8

url:http://www.npa.go.jp/cyberpolice/topics/?seq=15246

Trust: 0.8

url:https://www.adobe.com/software/flash/about/

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/415.html

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2015:0094

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:http://tools.cisco.com/security/center/viewalert.x?alertid=37202

Trust: 0.1

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-0311

Trust: 0.1

url:https://access.redhat.com/security/team/contact/

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-0312

Trust: 0.1

url:https://bugzilla.redhat.com/):

Trust: 0.1

url:https://access.redhat.com/security/team/key/

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2015-0094.html

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#critical

Trust: 0.1

url:https://access.redhat.com/articles/11258

Trust: 0.1

url:https://helpx.adobe.com/security/products/flash-player/apsb15-02.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-0310

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-0312

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-0311

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-0310

Trust: 0.1

sources: VULHUB: VHN-78258 // VULMON: CVE-2015-0312 // BID: 72343 // JVNDB: JVNDB-2015-001263 // PACKETSTORM: 130128 // CNNVD: CNNVD-201501-668 // NVD: CVE-2015-0312

CREDITS

bilou working with the Chromium Vulnerability Rewards Program

Trust: 0.3

sources: BID: 72343

SOURCES

db:VULHUBid:VHN-78258
db:VULMONid:CVE-2015-0312
db:BIDid:72343
db:JVNDBid:JVNDB-2015-001263
db:PACKETSTORMid:130128
db:CNNVDid:CNNVD-201501-668
db:NVDid:CVE-2015-0312

LAST UPDATE DATE

2024-11-23T21:44:41.029000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-78258date:2020-09-29T00:00:00
db:VULMONid:CVE-2015-0312date:2021-09-08T00:00:00
db:BIDid:72343date:2015-01-27T00:00:00
db:JVNDBid:JVNDB-2015-001263date:2015-01-30T00:00:00
db:CNNVDid:CNNVD-201501-668date:2020-09-30T00:00:00
db:NVDid:CVE-2015-0312date:2024-11-21T02:22:47.727

SOURCES RELEASE DATE

db:VULHUBid:VHN-78258date:2015-01-28T00:00:00
db:VULMONid:CVE-2015-0312date:2015-01-28T00:00:00
db:BIDid:72343date:2015-01-27T00:00:00
db:JVNDBid:JVNDB-2015-001263date:2015-01-30T00:00:00
db:PACKETSTORMid:130128date:2015-01-28T00:27:43
db:CNNVDid:CNNVD-201501-668date:2015-01-29T00:00:00
db:NVDid:CVE-2015-0312date:2015-01-28T22:59:01.937