10
CVE-2015-3043
- EPSS 86.51%
- Veröffentlicht 14.04.2015 22:59:21
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle psirt@adobe.com
- Teams Watchlist Login
- Unerledigt Login
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in April 2015, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, and CVE-2015-3042.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Flash Player Version < 11.2.202.457
Adobe ≫ Flash Player Version >= 14.0.0.125 < 17.0.0.169
Novell ≫ Suse Linux Enterprise Desktop Version11.0 Updatesp3
Novell ≫ Suse Linux Enterprise Desktop Version12.0
Novell ≫ Suse Linux Enterprise Workstation Extension Version12.0
Redhat ≫ Enterprise Linux Desktop Version5.0
Redhat ≫ Enterprise Linux Desktop Version6.0
Redhat ≫ Enterprise Linux Eus Version6.6
Redhat ≫ Enterprise Linux Server Version5.0
Redhat ≫ Enterprise Linux Server Version6.0
Redhat ≫ Enterprise Linux Server Aus Version6.6
Redhat ≫ Enterprise Linux Server From Rhui Version5.0
Redhat ≫ Enterprise Linux Server From Rhui Version6.0
Redhat ≫ Enterprise Linux Workstation Version5.0
Redhat ≫ Enterprise Linux Workstation Version6.0
03.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog
Adobe Flash Player Memory Corruption Vulnerability
SchwachstelleA memory corruption vulnerability exists in Adobe Flash Player that allows an attacker to perform remote code execution.
BeschreibungThe impacted product is end-of-life and should be disconnected if still in use.
Erforderliche Maßnahmen| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 86.51% | 0.994 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.