Details of VAR-201508-0294

ID

VAR-201508-0294

CVE

CVE-2015-5125

TITLE

Adobe Flash Player and Adobe AIR Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2015-004073

DESCRIPTION

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allow attackers to cause a denial of service (vector-length corruption) or possibly have unspecified other impact via unknown vectors. Adobe Flash Player and AIR are prone to multiple memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the application or cause denial-of-service conditions. A memory corruption vulnerability exists in several Adobe products. Attackers can exploit this vulnerability to cause denial of service (vector-length corruption). The following products and versions are affected: Adobe Flash Player Desktop Runtime 18.0.0.209 and earlier versions and Adobe Flash Player Extended Support Release 13.0.0.309 and earlier versions based on Windows and Macintosh platforms, Adobe Flash Player for Windows, Macintosh and Linux platforms Google Chrome 18.0.0.209 and earlier, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 on Windows 10 18.0.0.209 and earlier, Adobe Flash Player for Internet Explorer 10 and 11 18.0.0.209 on Windows 8.0 and 8.1 and previous versions, Adobe Flash Player for Linux 11.2.202.491 and previous versions based on Linux platforms, AIR Desktop Runtime 18.0.0.180 and previous versions based on Windows and Macintosh platforms, and AIR SDK 18.0 based on Windows, Macintosh, Android and iOS platforms. 0.180 and earlier and AIR SDK & Compiler 18.0.0.180 and earlier. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05390722 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05390722 Version: 1 HPSBMU03691 rev.1 - HPE Insight Control, Multiple Remote Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2017-02-14 Last Updated: 2017-02-14 Potential Security Impact: Local: Denial of Service (DoS); Remote: Access Restriction Bypass, Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS), Denial of Service (DoS), Disclosure of Sensitive Information, Execution of Arbitrary Commands, Unauthorized Modification Source: Hewlett Packard Enterprise, Product Security Response Team VULNERABILITY SUMMARY Several potential security vulnerabilities have been identified in HPE Insight Control. The vulnerabilities could be exploited remotely resulting in remote denial of Service (DoS), cross-site request forgery (CSRF), remote execution of arbitrary commands, disclosure of sensitive information, cross-site scripting (XSS), bypass access restriction or unauthorized modification. References: - CVE-2009-5028 - Namazu Remote Denial of Service - CVE-2011-4345 - Namazu Cross-site Scripting - CVE-2014-0050 - Apache Commons Collection Unauthorized Disclosure of Information - CVE-2014-4877 - GNU Wget, Unauthorized Disclosure of Information - CVE-2015-5125 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5127 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5129 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5130 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5131 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5132 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5133 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5134 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5539 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5540 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5541 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5544 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5545 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5546 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5547 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5548 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5549 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5550 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5551 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5552 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5553 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5554 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5555 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5556 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5557 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5558 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5559 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5560 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5561 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5562 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5563 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5564 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5565 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5566 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5567 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5568 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5570 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5571 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5572 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5573 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5574 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5575 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5576 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5577 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5578 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5579 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5580 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5581 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5582 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5584 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5587 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-5588 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-6420 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-6676 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-6677 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-6678 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-6679 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-6682 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-7547 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8044 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8415 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8416 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8417 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8418 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8419 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8420 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8421 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8422 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8423 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8424 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8425 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8426 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8427 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8428 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8429 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8430 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8431 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8432 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8433 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8434 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8435 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8436 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8437 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8438 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8439 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8440 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8441 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8442 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8443 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8444 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8445 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8446 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8447 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8448 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8449 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8450 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8451 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8452 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8453 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8454 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8455 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8456 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8457 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8459 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8460 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8634 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8635 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8636 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8638 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8639 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8640 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8641 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8642 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8643 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8644 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8645 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8646 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8647 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8648 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8649 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8650 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2015-8651 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-0702 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-0705 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-0777 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-0778 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-0797 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-0799 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-1521 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-1907 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-2105 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-2106 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-2107 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-2109 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-2183 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-2842 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-3739 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-4070 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-4071 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-4072 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-4342 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-4343 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-4393 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-4394 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-4395 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-4396 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-4537 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-4538 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-4539 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-4540 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-4541 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-4542 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-4543 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-5385 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-5387 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2016-5388 - Adobe Flash, Unauthorized Disclosure of Information - CVE-2017-5787 - DoS - LINUX VCRM - CVE-2016-8517 - SIM - CVE-2016-8516 - SIM - CVE-2016-8518 - SIM - CVE-2016-8513 - Cross-Site Request Forgery (CSRF) Linux VCRM - CVE-2016-8515 - Malicious File Upload - Linux VCRM - CVE-2016-8514 - Information Disclosure - Linux VCRM SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. - HP Insight Control Prior to 7.6 - HPE System Management Homepage Prior to 7.6 - HP Systems Insight Manager (HP SIM), Software Prior to 7.6 - HPE Version Control Repository Manager Prior to 7.6 - HP Insight Control server provisioning Prior to 7.6 BACKGROUND CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector CVE-2009-5028 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) CVE-2011-4345 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N 2.6 (AV:N/AC:H/Au:N/C:N/I:P/A:N) CVE-2014-0050 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) CVE-2014-4877 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-5125 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5127 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5129 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5130 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5131 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5132 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5133 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5134 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5539 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5540 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5541 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5544 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5545 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5546 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5547 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5548 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5549 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5550 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5551 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5552 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5553 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5554 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5555 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5556 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5557 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5558 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5559 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5560 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5561 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5562 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5563 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5564 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5565 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5566 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5567 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5568 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5570 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5571 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N) CVE-2015-5572 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N) CVE-2015-5573 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5574 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5575 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5576 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N) CVE-2015-5577 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5578 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5579 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5580 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5581 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5582 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5584 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5587 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-5588 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-6420 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) CVE-2015-6676 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-6677 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-6678 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-6679 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N) CVE-2015-6682 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-7547 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) CVE-2015-8044 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8415 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8416 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8417 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8418 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8419 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8420 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8421 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8422 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8423 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8424 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8425 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8426 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8427 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8428 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8429 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8430 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8431 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8432 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8433 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8434 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8435 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8436 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8437 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8438 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8439 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8440 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8441 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8442 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8443 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8444 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8445 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8446 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8447 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8448 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8449 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8450 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8451 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8452 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8453 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N) CVE-2015-8454 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8455 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8456 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8457 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8459 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2015-8460 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8634 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8635 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8636 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8638 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8639 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8640 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8641 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8642 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8643 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8644 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8645 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8646 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8647 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8648 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8649 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8650 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2015-8651 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C) CVE-2016-0702 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 1.9 (AV:L/AC:M/Au:N/C:P/I:N/A:N) CVE-2016-0705 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2016-0777 4.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N) CVE-2016-0778 5.0 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L 4.6 (AV:N/AC:H/Au:S/C:P/I:P/A:P) CVE-2016-0797 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P) CVE-2016-0799 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2016-1521 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) CVE-2016-1907 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P) CVE-2016-2105 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P) CVE-2016-2106 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P) CVE-2016-2107 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N 2.6 (AV:N/AC:H/Au:N/C:P/I:N/A:N) CVE-2016-2109 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C) CVE-2016-2183 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N) CVE-2016-2842 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) CVE-2016-3739 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N 2.6 (AV:N/AC:H/Au:N/C:N/I:P/A:N) CVE-2016-4070 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P) CVE-2016-4071 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) CVE-2016-4072 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) CVE-2016-4342 8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H 8.3 (AV:N/AC:M/Au:N/C:P/I:P/A:C) CVE-2016-4343 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P) CVE-2016-4393 4.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N 3.5 (AV:N/AC:M/Au:S/C:N/I:P/A:N) CVE-2016-4394 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 5.8 (AV:N/AC:M/Au:N/C:N/I:P/A:P) CVE-2016-4395 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 7.8 (AV:N/AC:L/Au:N/C:N/I:C/A:N) CVE-2016-4396 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 7.8 (AV:N/AC:L/Au:N/C:N/I:C/A:N) CVE-2016-4537 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) CVE-2016-4538 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) CVE-2016-4539 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) CVE-2016-4540 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) CVE-2016-4541 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) CVE-2016-4542 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) CVE-2016-4543 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P) CVE-2016-5385 5.6 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P) CVE-2016-5387 5.6 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P) CVE-2016-5388 5.6 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P) CVE-2016-8513 5.7 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N 6.8 (AV:N/AC:L/Au:S/C:C/I:N/A:N) CVE-2016-8514 5.7 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N 6.8 (AV:N/AC:L/Au:S/C:C/I:N/A:N) CVE-2016-8515 3.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N) CVE-2016-8516 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P) CVE-2016-8517 6.8 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N 7.9 (AV:N/AC:M/Au:S/C:C/I:C/A:N) CVE-2016-8518 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 7.8 (AV:N/AC:L/Au:N/C:N/I:C/A:N) CVE-2017-5787 5.7 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H 6.8 (AV:N/AC:L/Au:S/C:N/I:N/A:C) Information on CVSS is documented in HPE Customer Notice HPSN-2008-002 here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499 RESOLUTION HPE has released the following software updates to resolve these vulnerabilities in HPE Insight Control. The HPE Insight Control 7.6 Update kit applicable to HPE Insight Control 7.6 installations is available at the following location: <https://h20392.www2.hpe.com/portal/swdepot/displayProductInfo.do?productNumb r=IMDVD> HPE has addressed these vulnerabilities for the impacted software components bundled with HPE Insight Control in the following HPE Security Bulletins: HPE Systems Insight Manager (SIM) (HPE Security Bulletin: HPSBMU03668) * <https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05356388> HPE System Management Homepage (SMH) (HPE Security Bulletin: HPSBMU03593) * <http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05320149> Version Control Repository Manager (VCRM) (HPE Security Bulletin: HPSBMU03684) * <https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05356363> HPE Insight Control server provisioning (HPE Security Bulletin: HPSBMU03685) * <http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05376917> HISTORY Version:1 (rev.1) - 14 February 2017 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com. Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX Copyright 2016 Hewlett Packard Enterprise Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJYozemAAoJELXhAxt7SZaiyq8H/Rlxf8UBpl53oh8s78cun1AA 1hTA/MO+IhKr2QRhjRTNvoh6ccVzcAIQfwovPQKWfBDgB+rTH7Qt7G9Kp5VcTFXI c+oObVcNXRHrquROlddOGM9cQPtWUJU1ZiPcVPT0sGJo7wNAPBO2/QjicOfDgtz5 thrXhlQRp+eOUdHoDlpkqdinwSZG0f/Zdc0AAEetCatj7sGbugLFp8A9dE4CMtnG r/8Xpa7sFaHtJioCVYar4wP0fMU8ldW0ood8OIj5arkdiTSAfHsxpNhlTAkyMhBP JrzUZ9bkmX8ZJKeV4l60vEcPsqeGN6tkX6CZ6a82lOoHkPzdIKAiBQUlAcAUFdk= =wHFj -----END PGP SIGNATURE----- . Background ========== The Adobe Flash Player is a renderer for the SWF file format, which is commonly used to provide interactive websites. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Adobe Flash Player users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=www-plugins/adobe-flash-11.2.202.508" References ========== [ 1 ] CVE-2015-3107 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3107 [ 2 ] CVE-2015-5122 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5122 [ 3 ] CVE-2015-5123 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5123 [ 4 ] CVE-2015-5124 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5124 [ 5 ] CVE-2015-5125 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5125 [ 6 ] CVE-2015-5127 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5127 [ 7 ] CVE-2015-5129 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5129 [ 8 ] CVE-2015-5130 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5130 [ 9 ] CVE-2015-5131 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5131 [ 10 ] CVE-2015-5132 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5132 [ 11 ] CVE-2015-5133 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5133 [ 12 ] CVE-2015-5134 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5134 [ 13 ] CVE-2015-5539 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5539 [ 14 ] CVE-2015-5540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5540 [ 15 ] CVE-2015-5541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5541 [ 16 ] CVE-2015-5544 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5544 [ 17 ] CVE-2015-5545 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5545 [ 18 ] CVE-2015-5546 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5546 [ 19 ] CVE-2015-5547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5547 [ 20 ] CVE-2015-5548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5548 [ 21 ] CVE-2015-5549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5549 [ 22 ] CVE-2015-5550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5550 [ 23 ] CVE-2015-5551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5551 [ 24 ] CVE-2015-5552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5552 [ 25 ] CVE-2015-5553 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5553 [ 26 ] CVE-2015-5554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5554 [ 27 ] CVE-2015-5555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5555 [ 28 ] CVE-2015-5556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5556 [ 29 ] CVE-2015-5557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5557 [ 30 ] CVE-2015-5558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5558 [ 31 ] CVE-2015-5559 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5559 [ 32 ] CVE-2015-5560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5560 [ 33 ] CVE-2015-5561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5561 [ 34 ] CVE-2015-5562 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5562 [ 35 ] CVE-2015-5563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5563 [ 36 ] CVE-2015-5564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5564 [ 37 ] CVE-2015-5965 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5965 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201508-01 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2015 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

Trust: 2.25

sources: NVD: CVE-2015-5125 // JVNDB: JVNDB-2015-004073 // BID: 76291 // VULHUB: VHN-83086 // VULMON: CVE-2015-5125 // PACKETSTORM: 141092 // PACKETSTORM: 133099

AFFECTED PRODUCTS

vendor:	opensuse	model:	evergreen	scope:	eq	version:	11.4	Trust: 1.6
vendor:	adobe	model:	air sdk \& compiler	scope:	lte	version:	18.0.0.180	Trust: 1.0
vendor:	adobe	model:	air sdk	scope:	lte	version:	18.0.0.180	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	lte	version:	11.2.202.491	Trust: 1.0
vendor:	adobe	model:	air	scope:	lte	version:	18.0.0.180	Trust: 1.0
vendor:	adobe	model:	flash player	scope:	lte	version:	18.0.0.209	Trust: 1.0
vendor:	google	model:	chrome	scope:	-	version:	-	Trust: 0.8
vendor:	adobe	model:	air	scope:	lt	version:	desktop runtime 18.0.0.199 (windows/macintosh)	Trust: 0.8
vendor:	adobe	model:	air sdk	scope:	lt	version:	18.0.0.199 (windows/macintosh/android/ios)	Trust: 0.8
vendor:	adobe	model:	air sdk & compiler	scope:	lt	version:	18.0.0.199 (windows/macintosh/android/ios)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	11.2.202.508 (linux)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	18.0.0.232 (internet explorer 10/11)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	18.0.0.232 (microsoft edge)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	18.0.0.232 (windows/macintosh edition chrome)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	18.0.0.233 (linux/chrome os edition chrome)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	desktop runtime 18.0.0.232 (windows/macintosh)	Trust: 0.8
vendor:	adobe	model:	flash player	scope:	lt	version:	continuous support release 18.0.0.232 (windows/macintosh)	Trust: 0.8
vendor:	microsoft	model:	edge	scope:	eq	version:	(windows 10)	Trust: 0.8
vendor:	microsoft	model:	internet explorer	scope:	eq	version:	10 (windows 8/windows server 2012/windows rt)	Trust: 0.8
vendor:	microsoft	model:	internet explorer	scope:	eq	version:	11 (windows 8.1/windows server 2012 r2/windows rt 8.1/windows 10)	Trust: 0.8
vendor:	gentoo	model:	linux	scope:	-	version:	-	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.53.64	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.51.66	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.452	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.3218	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.22.87	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.15.3	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.12.36	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.12.35	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.262	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.2460	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.152.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.151.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.124.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.48.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.45.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.31.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.289.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.283.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.280	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.28.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.277.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.262.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.260.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.246.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.159.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.155.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9.0.115.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	9	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	8.0.35.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	8.0.34.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	8	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.73.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.70.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.69.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.68.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.67.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.66.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.61.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.60.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.53.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.24.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.19.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7.0.14.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	6.0.79	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	6.0.21.0	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.233	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.229	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.228	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.2.202.223	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.115.8	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.115.7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.115.6	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.112.61	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.9	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.8	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.6	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.111.5	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.102.63	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.102.62	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.102.55	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.1.102.228	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	11.0.1.152	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.6	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.3	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.186.2	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.25	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.23	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.22	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.185.21	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.7	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.5	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.4	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.183.10	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.34	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.26	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.23	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.22	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.16	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.3.181.14	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.159.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.157.51	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.156.12	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.28	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.27	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.25	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.24	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.18	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.154.13	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.153.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152.33	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152.32	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152.21	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.2.152	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.95.2	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.95.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.92.8	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.92.10	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.85.3	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.82.76	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.52.15	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.52.14.1	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.106.16	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.105.6	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.102.65	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.1.102.64	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.42.34	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10.0.32.18	Trust: 0.3
vendor:	adobe	model:	flash player	scope:	eq	version:	10	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.0.4	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.0.3	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.3.9130	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.3.9120	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.3	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.2	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5.1	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	3.2.0.2080	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	3.2.0.2070	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	3.1.0.4880	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	3.0	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.7.1.1961	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.7.1	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.7	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.6.19140	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.6.19120	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.6	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.5.1	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.0.2.12610	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	2.0.2	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.5	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.1	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.01	Trust: 0.3
vendor:	adobe	model:	air	scope:	eq	version:	1.0	Trust: 0.3

sources: BID: 76291 // JVNDB: JVNDB-2015-004073 // CNNVD: CNNVD-201508-209 // NVD: CVE-2015-5125

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-5125
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-5125
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201508-209
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-83086
value:	HIGH
Trust: 0.1
VULMON:	CVE-2015-5125
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-5125
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-83086
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-83086 // VULMON: CVE-2015-5125 // JVNDB: JVNDB-2015-004073 // CNNVD: CNNVD-201508-209 // NVD: CVE-2015-5125

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-83086 // JVNDB: JVNDB-2015-004073 // NVD: CVE-2015-5125

THREAT TYPE

remote

Trust: 0.8

sources: PACKETSTORM: 141092 // PACKETSTORM: 133099 // CNNVD: CNNVD-201508-209

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201508-209

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-004073

PATCH

title:	APSB15-19	url:	https://helpx.adobe.com/security/products/flash-player/apsb15-19.html	Trust: 0.8
title:	APSB15-19	url:	https://helpx.adobe.com/jp/security/products/flash-player/apsb15-19.html	Trust: 0.8
title:	Google Chrome を更新する	url:	https://support.google.com/chrome/answer/95414?hl=ja	Trust: 0.8
title:	Google Chrome	url:	https://www.google.com/intl/ja/chrome/browser/features.html	Trust: 0.8
title:	Chrome Releases	url:	http://googlechromereleases.blogspot.jp/	Trust: 0.8
title:	Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge (2755801)	url:	https://technet.microsoft.com/en-us/library/security/2755801	Trust: 0.8
title:	Internet Explorer および Microsoft Edge 上の Adobe Flash Player の脆弱性に対応する更新プログラム (2755801)	url:	https://technet.microsoft.com/ja-jp/library/security/2755801	Trust: 0.8
title:	アドビシステムズ社 Adobe Flash Player の脆弱性に関するお知らせ	url:	http://www.fmworld.net/biz/common/adobe/20150813f.html	Trust: 0.8
title:	flashplayer_11.2.202.508_sa_debug.i386	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=57144	Trust: 0.6
title:	flashplayer_18.0.0.232_sa_debug	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=57143	Trust: 0.6
title:	flashplayer_18.0.0.232_sa_debug	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=57142	Trust: 0.6
title:	AIRSDKCompiler-18.0.0.199	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=57148	Trust: 0.6
title:	AIRSDKCompiler-18.0.0.199	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=57147	Trust: 0.6
title:	Red Hat: CVE-2015-5125	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2015-5125	Trust: 0.1
title:	CVE-Study	url:	https://github.com/thdusdl1219/CVE-Study	Trust: 0.1

sources: VULMON: CVE-2015-5125 // JVNDB: JVNDB-2015-004073 // CNNVD: CNNVD-201508-209

EXTERNAL IDS

db:	NVD	id:	CVE-2015-5125	Trust: 3.1
db:	BID	id:	76291	Trust: 2.1
db:	SECTRACK	id:	1033235	Trust: 1.2
db:	JVNDB	id:	JVNDB-2015-004073	Trust: 0.8
db:	CNNVD	id:	CNNVD-201508-209	Trust: 0.7
db:	PACKETSTORM	id:	133229	Trust: 0.1
db:	VULHUB	id:	VHN-83086	Trust: 0.1
db:	VULMON	id:	CVE-2015-5125	Trust: 0.1
db:	PACKETSTORM	id:	141092	Trust: 0.1
db:	PACKETSTORM	id:	133099	Trust: 0.1

sources: VULHUB: VHN-83086 // VULMON: CVE-2015-5125 // BID: 76291 // JVNDB: JVNDB-2015-004073 // PACKETSTORM: 141092 // PACKETSTORM: 133099 // CNNVD: CNNVD-201508-209 // NVD: CVE-2015-5125

REFERENCES

url:	http://www.securityfocus.com/bid/76291	Trust: 1.8
url:	https://helpx.adobe.com/security/products/flash-player/apsb15-19.html	Trust: 1.8
url:	https://security.gentoo.org/glsa/201508-01	Trust: 1.3
url:	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05356388	Trust: 1.2
url:	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390722	Trust: 1.2
url:	http://www.securitytracker.com/id/1033235	Trust: 1.2
url:	http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-5125	Trust: 0.8
url:	https://www.ipa.go.jp/security/ciadr/vul/20150812-adobeflashplayer.html	Trust: 0.8
url:	http://www.jpcert.or.jp/at/2015/at150029.html	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-5125	Trust: 0.8
url:	http://www.npa.go.jp/cyberpolice/topics/?seq=16704	Trust: 0.8
url:	http://www.adobe.com/products/air/	Trust: 0.3
url:	http://www.adobe.com/products/flash/	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5540	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5134	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5550	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5553	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5132	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5556	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5545	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5554	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5131	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5129	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5539	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5555	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5133	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5546	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5551	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5544	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5127	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5552	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5547	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5548	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5549	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5130	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5541	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5125	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/119.html	Trust: 0.1
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=40669	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05356363>	Trust: 0.1
url:	http://www.hpe.com/support/security_bulletin_archive	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2011-4345	Trust: 0.1
url:	http://www.hpe.com/support/subscriber_choice	Trust: 0.1
url:	http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05320149>	Trust: 0.1
url:	https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05356388>	Trust: 0.1
url:	https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499	Trust: 0.1
url:	https://www.hpe.com/info/report-security-vulnerability	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-0050	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2014-4877	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2009-5028	Trust: 0.1
url:	http://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05376917>	Trust: 0.1
url:	https://h20392.www2.hpe.com/portal/swdepot/displayproductinfo.do?productnumb	Trust: 0.1
url:	https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05390722	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5551	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5134	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5557	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5560	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5561	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5548	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5130	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5131	Trust: 0.1
url:	https://security.gentoo.org/	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5123	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5123	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5563	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5550	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5129	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-3107	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5564	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5552	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5554	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5133	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5124	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5544	Trust: 0.1
url:	http://creativecommons.org/licenses/by-sa/2.5	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5547	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3107	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5122	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5125	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-5122	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5553	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5562	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5132	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5541	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5556	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5127	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5539	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5540	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5558	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5124	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5545	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5546	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5559	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5555	Trust: 0.1
url:	https://bugs.gentoo.org.	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5965	Trust: 0.1
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5549	Trust: 0.1

CREDITS

Chris Evans of Google Project Zero

Trust: 0.9

sources: BID: 76291 // CNNVD: CNNVD-201508-209

SOURCES

db:	VULHUB	id:	VHN-83086
db:	VULMON	id:	CVE-2015-5125
db:	BID	id:	76291
db:	JVNDB	id:	JVNDB-2015-004073
db:	PACKETSTORM	id:	141092
db:	PACKETSTORM	id:	133099
db:	CNNVD	id:	CNNVD-201508-209
db:	NVD	id:	CVE-2015-5125

LAST UPDATE DATE

2024-11-23T20:12:23.303000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-83086	date:	2017-09-21T00:00:00
db:	VULMON	id:	CVE-2015-5125	date:	2017-09-21T00:00:00
db:	BID	id:	76291	date:	2015-11-03T20:08:00
db:	JVNDB	id:	JVNDB-2015-004073	date:	2015-08-17T00:00:00
db:	CNNVD	id:	CNNVD-201508-209	date:	2015-08-13T00:00:00
db:	NVD	id:	CVE-2015-5125	date:	2024-11-21T02:32:24.880

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-83086	date:	2015-08-14T00:00:00
db:	VULMON	id:	CVE-2015-5125	date:	2015-08-14T00:00:00
db:	BID	id:	76291	date:	2015-08-11T00:00:00
db:	JVNDB	id:	JVNDB-2015-004073	date:	2015-08-17T00:00:00
db:	PACKETSTORM	id:	141092	date:	2017-02-15T00:39:05
db:	PACKETSTORM	id:	133099	date:	2015-08-17T15:41:19
db:	CNNVD	id:	CNNVD-201508-209	date:	2015-08-13T00:00:00
db:	NVD	id:	CVE-2015-5125	date:	2015-08-14T01:59:18.017