CVE-2015-0301

EPSS 7.4%
Veröffentlicht 13.01.2015 23:59:00
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle psirt@adobe.com
Teams Watchlist Login
Unerledigt Login

Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 do not properly validate files, which has unspecified impact and attack vectors.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 13

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Adobe ≫ Adobe Air Sdk And Compiler Version <= 15.0.0.356

Adobe ≫ Adobe Air SwPlatformandroid Version <= 15.0.0.356

Adobe ≫ Adobe Air Version <= 15.0.0.356

Apple ≫ macOS X
Microsoft ≫ Windows

Adobe ≫ Adobe Air Sdk Version <= 15.0.0.356

Adobe ≫ Flash Player Version11.2.202.425

Linux ≫ Linux Kernel

Adobe ≫ Flash Player Version <= 13.0.0.259

Apple ≫ macOS X
Microsoft ≫ Windows

Adobe ≫ Flash Player Version14.0.0.125

Apple ≫ macOS X
Microsoft ≫ Windows

Adobe ≫ Flash Player Version14.0.0.145

Apple ≫ macOS X
Microsoft ≫ Windows

Adobe ≫ Flash Player Version14.0.0.176

Apple ≫ macOS X
Microsoft ≫ Windows

Adobe ≫ Flash Player Version14.0.0.179

Apple ≫ macOS X
Microsoft ≫ Windows

Adobe ≫ Flash Player Version15.0.0.144

Apple ≫ macOS X
Microsoft ≫ Windows

Adobe ≫ Flash Player Version15.0.0.152

Apple ≫ macOS X
Microsoft ≫ Windows

Adobe ≫ Flash Player Version15.0.0.167

Apple ≫ macOS X
Microsoft ≫ Windows

Adobe ≫ Flash Player Version15.0.0.189

Apple ≫ macOS X
Microsoft ≫ Windows

Adobe ≫ Flash Player Version15.0.0.223

Apple ≫ macOS X
Microsoft ≫ Windows

Adobe ≫ Flash Player Version15.0.0.238

Apple ≫ macOS X
Microsoft ≫ Windows

Adobe ≫ Flash Player Version15.0.0.239

Apple ≫ macOS X
Microsoft ≫ Windows

Adobe ≫ Flash Player Version15.0.0.246

Apple ≫ macOS X
Microsoft ≫ Windows

Adobe ≫ Flash Player Version16.0.0.234

Apple ≫ macOS X
Microsoft ≫ Windows

Adobe ≫ Flash Player Version16.0.0.235

Apple ≫ macOS X
Microsoft ≫ Windows

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	7.4%	0.912

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://helpx.adobe.com/security/products/flash-player/apsb15-01.html

Vendor Advisory

http://secunia.com/advisories/62177

http://secunia.com/advisories/62187

http://secunia.com/advisories/62252

http://secunia.com/advisories/62371

http://secunia.com/advisories/62740

http://security.gentoo.org/glsa/glsa-201502-02.xml

http://www.securityfocus.com/bid/72034

http://www.securitytracker.com/id/1031525

https://exchange.xforce.ibmcloud.com/vulnerabilities/99981

https://nvd.nist.gov/vuln/detail/CVE-2015-0301

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-0301

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-0301

EUVD