Details of VAR-201507-0107

ID

VAR-201507-0107

CVE

CVE-2015-5124

TITLE

Adobe Flash Player and Adobe AIR Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2015-003793

DESCRIPTION

Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3123, CVE-2015-3130, CVE-2015-3133, CVE-2015-3134, and CVE-2015-4431. This vulnerability CVE-2015-3117 , CVE-2015-3123 , CVE-2015-3130 , CVE-2015-3133 , CVE-2015-3134 ,and CVE-2015-4431 Is a different vulnerability.An attacker could execute arbitrary code or cause a denial of service ( Memory corruption ) There is a possibility of being put into a state. Failed exploit attempts will likely result in denial-of-service conditions. Security flaws exist in several Adobe products. Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.508" References ========== [ 1 ] CVE-2015-3107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3107 [ 2 ] CVE-2015-5122 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5122 [ 3 ] CVE-2015-5123 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5123 [ 4 ] CVE-2015-5124 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5124 [ 5 ] CVE-2015-5125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5125 [ 6 ] CVE-2015-5127 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5127 [ 7 ] CVE-2015-5129 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5129 [ 8 ] CVE-2015-5130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5130 [ 9 ] CVE-2015-5131 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5131 [ 10 ] CVE-2015-5132 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5132 [ 11 ] CVE-2015-5133 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5133 [ 12 ] CVE-2015-5134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5134 [ 13 ] CVE-2015-5539 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5539 [ 14 ] CVE-2015-5540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5540 [ 15 ] CVE-2015-5541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5541 [ 16 ] CVE-2015-5544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5544 [ 17 ] CVE-2015-5545 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5545 [ 18 ] CVE-2015-5546 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5546 [ 19 ] CVE-2015-5547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5547 [ 20 ] CVE-2015-5548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5548 [ 21 ] CVE-2015-5549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5549 [ 22 ] CVE-2015-5550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5550 [ 23 ] CVE-2015-5551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5551 [ 24 ] CVE-2015-5552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5552 [ 25 ] CVE-2015-5553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5553 [ 26 ] CVE-2015-5554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5554 [ 27 ] CVE-2015-5555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5555 [ 28 ] CVE-2015-5556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5556 [ 29 ] CVE-2015-5557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5557 [ 30 ] CVE-2015-5558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5558 [ 31 ] CVE-2015-5559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5559 [ 32 ] CVE-2015-5560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5560 [ 33 ] CVE-2015-5561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5561 [ 34 ] CVE-2015-5562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5562 [ 35 ] CVE-2015-5563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5563 [ 36 ] CVE-2015-5564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5564 [ 37 ] CVE-2015-5965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5965 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201508-01 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Trust: 2.16

sources: NVD: CVE-2015-5124 // JVNDB: JVNDB-2015-003793 // BID: 75959 // VULHUB: VHN-83085 // VULMON: CVE-2015-5124 // PACKETSTORM: 133099

AFFECTED PRODUCTS

vendor:	adobe	model:	flash player	scope:	eq	version:	14.0.0.176	Trust: 1.6
vendor:	adobe	model:	flash player	scope:	eq	version:	16.0.0.287	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	16.0.0.296	Trust: 1.0
vendor:	opensuse	model:	evergreen	scope:	eq	version:	11.4	Trust: 1.0
vendor:	adobe	model:	air sdk	scope:	lte	version:	18.0.0.144	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	15.0.0.246	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	18.0.0.194	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	15.0.0.189	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	17.0.0.169	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	18.0.0.160	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	15.0.0.239	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	15.0.0.223	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	lte	version:	13.0.0.289	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	14.0.0.125	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	17.0.0.188	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	17.0.0.134	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	lte	version:	11.2.202.468	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	17.0.0.190	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	15.0.0.152	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	16.0.0.257	Trust: 1.0
vendor:	adobe	model:	air	scope:	lte	version:	18.0.0.144	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	14.0.0.145	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	16.0.0.235	Trust: 1.0
vendor:	adobe	model:	air sdk \& compiler	scope:	lte	version:	18.0.0.144	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	14.0.0.179	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	eq	version:	15.0.0.167	Trust: 1.0
vendor:	google	model:	chrome	scope:	-	version:	-	Trust: 0.8
vendor:	adobe	model:	air	scope:	lt	version:	desktop runtime 18.0.0.180 (windows/macintosh)	Trust: 0.8
vendor:	adobe	model:	air sdk	scope:	lt	version:	18.0.0.180 (windows/macintosh/android/ios)	Trust: 0.8
vendor:	adobe	model:	air sdk & compiler	scope:	lt	version:	18.0.0.180 (windows/macintosh/android/ios)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	11.2.202.481 (linux)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	18.0.0.203 (internet explorer 10/11)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	18.0.0.203 (windows/macintosh edition chrome)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	18.0.0.204 (linux edition chrome)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	desktop runtime 18.0.0.203 (windows/macintosh)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	continuous support release 13.0.0.302 (windows/macintosh)	Trust: 0.8
vendor:	microsoft	model:	internet explorer	scope:	eq	version:	10 (windows 8/windows server 2012/windows rt)	Trust: 0.8
vendor:	microsoft	model:	internet explorer	scope:	eq	version:	11 (windows 8.1/windows server 2012 r2/windows rt 8.1)	Trust: 0.8
vendor:	adobe	model:	air sdk	scope:	eq	version:	18.0.0.144	Trust: 0.6
vendor:	adobe	model:	air sdk \& compiler	scope:	eq	version:	18.0.0.144	Trust: 0.6
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.468	Trust: 0.6
vendor:	adobe	model:	air	scope:	eq	version:	18.0.0.144	Trust: 0.6
vendor:	adobe	model:	flash player	scope:	eq	version:	13.0.0.289	Trust: 0.6
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.53.64	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.51.66	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.452	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.3218	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.22.87	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.15.3	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.12.36	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.12.35	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.262	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.2460	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.152.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.151.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.124.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.48.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.47.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.45.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.31.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.289.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.283.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.280	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.28.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.277.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.262.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.260.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.246.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.159.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.155.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.115.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	8.0.35.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	8.0.34.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	8	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.73.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.70.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.69.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.68.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.67.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.66.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.61.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.60.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.53.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.24.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.19.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.14.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	6.0.79	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	6.0.21.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.235	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.233	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.229	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.228	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.223	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.115.8	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.115.7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.115.6	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.112.61	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.9	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.8	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.6	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.5	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.102.63	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.102.62	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.102.55	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.102.228	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.0.1.152	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.6	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.3	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.2	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.25	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.23	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.22	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.21	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.5	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.4	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.10	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.34	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.26	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.23	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.22	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.16	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.14	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.159.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.157.51	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.156.12	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.28	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.27	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.25	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.24	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.18	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.13	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.153.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152.33	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152.32	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152.21	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.95.2	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.95.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.92.8	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.92.10	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.85.3	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.82.76	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.52.15	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.52.14.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.106.16	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.105.6	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.102.65	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.102.64	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.42.34	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.32.18	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.0.4	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.0.3	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.3.9130	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.3.9120	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.3	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.2	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.1	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	3.2.0.2080	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	3.2.0.2070	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	3.1.0.4880	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	3.0	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.7.1.1961	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.7.1	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.7	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.6.19140	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.6.19120	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.6	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.5.1	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.0.2.12610	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.0.2	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.1	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.01	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.0	Trust: 0.3

sources: BID: 75959 // JVNDB: JVNDB-2015-003793 // CNNVD: CNNVD-201507-662 // NVD: CVE-2015-5124

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-5124
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-5124
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201507-662
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-83085
value:	HIGH
Trust: 0.1
VULMON:	CVE-2015-5124
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-5124
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-83085
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-83085 // VULMON: CVE-2015-5124 // JVNDB: JVNDB-2015-003793 // CNNVD: CNNVD-201507-662 // NVD: CVE-2015-5124

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-83085 // JVNDB: JVNDB-2015-003793 // NVD: CVE-2015-5124

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 133099 // CNNVD: CNNVD-201507-662

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201507-662

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-003793

PATCH

title:	APSB15-16	url:	http://helpx.adobe.com/security/products/flash-player/apsb15-16.html	Trust: 0.8
title:	APSB15-16	url:	http://helpx.adobe.com/jp/security/products/flash-player/apsb15-16.html	Trust: 0.8
title:	Google Chrome	url:	https://www.google.com/intl/ja/chrome/browser/features.html	Trust: 0.8
title:	Chrome Releases	url:	http://googlechromereleases.blogspot.jp/	Trust: 0.8
title:	Google Chrome を更新する	url:	https://support.google.com/chrome/answer/95414?hl=ja	Trust: 0.8
title:	Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge (2755801)	url:	https://technet.microsoft.com/en-us/library/security/2755801	Trust: 0.8
title:	Internet Explorer および Microsoft Edge 上の Adobe Flash Player の脆弱性に対応する更新プログラム (2755801)	url:	https://technet.microsoft.com/ja-jp/library/security/2755801	Trust: 0.8
title:	アドビシステムズ社 Adobe Flash Player の脆弱性に関するお知らせ (2015年7月10日)	url:	http://www.fmworld.net/biz/common/adobe/20150710f.html	Trust: 0.8
title:	AIRSDK_18.0.0.180 Compiler	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56987	Trust: 0.6
title:	AIRSDK_18.0.0.180 Compiler	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56986	Trust: 0.6
title:	fp_11.2.202.481_archive	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56983	Trust: 0.6
title:	fp_18.0.0.203_archive	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56982	Trust: 0.6
title:	fp_13.0.0.302_archive	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56981	Trust: 0.6
title:	AdobeAIR-18.0.0.180	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56985	Trust: 0.6
title:	AdobeAIR-18.0.0.180 Installer	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=56984	Trust: 0.6
title:	Red Hat: CVE-2015-5124	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2015-5124	Trust: 0.1
title:	CVE-Study	url:	https://github.com/thdusdl1219/CVE-Study	Trust: 0.1

sources: VULMON: CVE-2015-5124 // JVNDB: JVNDB-2015-003793 // CNNVD: CNNVD-201507-662

EXTERNAL IDS

db:	NVD	id:	CVE-2015-5124	Trust: 3.0
db:	BID	id:	75959	Trust: 1.5
db:	SECTRACK	id:	1032810	Trust: 1.2
db:	JVNDB	id:	JVNDB-2015-003793	Trust: 0.8
db:	CNNVD	id:	CNNVD-201507-662	Trust: 0.7
db:	VULHUB	id:	VHN-83085	Trust: 0.1
db:	VULMON	id:	CVE-2015-5124	Trust: 0.1
db:	PACKETSTORM	id:	133099	Trust: 0.1

sources: VULHUB: VHN-83085 // VULMON: CVE-2015-5124 // BID: 75959 // JVNDB: JVNDB-2015-003793 // PACKETSTORM: 133099 // CNNVD: CNNVD-201507-662 // NVD: CVE-2015-5124

REFERENCES

url:	https://helpx.adobe.com/security/products/flash-player/apsb15-16.html	Trust: 1.8
url:	https://security.gentoo.org/glsa/201508-01	Trust: 1.3
url:	http://www.securityfocus.com/bid/75959	Trust: 1.2
url:	http://rhn.redhat.com/errata/rhsa-2015-1214.html	Trust: 1.2
url:	http://www.securitytracker.com/id/1032810	Trust: 1.2
url:	http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5124	Trust: 0.8
url:	http://www.ipa.go.jp/security/ciadr/vul/20150709-adobeflashplayer.html	Trust: 0.8
url:	http://www.jpcert.or.jp/at/2015/at150019.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5124	Trust: 0.8
url:	http://www.npa.go.jp/cyberpolice/topics?seq=16572	Trust: 0.8
url:	http://www.adobe.com/products/air/	Trust: 0.3
url:	http://www.adobe.com	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=40668	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5540	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5551	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5134	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5557	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5560	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5134	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5550	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5561	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5548	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5130	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5131	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5123	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5123	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5563	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5553	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5132	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5550	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5129	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-3107	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5556	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5564	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5125	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5552	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5554	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5545	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5554	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5131	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5133	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5124	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5129	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5544	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5539	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5547	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3107	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5122	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5125	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5133	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5546	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5555	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5551	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5122	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5553	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5562	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5544	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5127	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5132	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5552	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5541	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5547	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5548	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5556	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5549	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5127	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5539	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5540	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5558	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5124	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5545	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5546	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5559	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5130	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5541	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5555	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5965	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5549	Trust: 0.1

sources: VULHUB: VHN-83085 // VULMON: CVE-2015-5124 // BID: 75959 // JVNDB: JVNDB-2015-003793 // PACKETSTORM: 133099 // CNNVD: CNNVD-201507-662 // NVD: CVE-2015-5124

CREDITS

Kai Kang of Tencent's Xuanwu Lab

Trust: 0.3

sources: BID: 75959

SOURCES

db:	VULHUB	id:	VHN-83085
db:	VULMON	id:	CVE-2015-5124
db:	BID	id:	75959
db:	JVNDB	id:	JVNDB-2015-003793
db:	PACKETSTORM	id:	133099
db:	CNNVD	id:	CNNVD-201507-662
db:	NVD	id:	CVE-2015-5124

LAST UPDATE DATE

2024-11-23T20:46:42.804000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-83085	date:	2018-01-05T00:00:00
db:	VULMON	id:	CVE-2015-5124	date:	2018-01-05T00:00:00
db:	BID	id:	75959	date:	2015-11-03T20:08:00
db:	JVNDB	id:	JVNDB-2015-003793	date:	2015-08-21T00:00:00
db:	CNNVD	id:	CNNVD-201507-662	date:	2015-07-23T00:00:00
db:	NVD	id:	CVE-2015-5124	date:	2024-11-21T02:32:24.747

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-83085	date:	2015-07-20T00:00:00
db:	VULMON	id:	CVE-2015-5124	date:	2015-07-20T00:00:00
db:	BID	id:	75959	date:	2015-07-17T00:00:00
db:	JVNDB	id:	JVNDB-2015-003793	date:	2015-07-22T00:00:00
db:	PACKETSTORM	id:	133099	date:	2015-08-17T15:41:19
db:	CNNVD	id:	CNNVD-201507-662	date:	2015-07-21T00:00:00
db:	NVD	id:	CVE-2015-5124	date:	2015-07-20T23:59:05.910