5
CVE-2015-3097
- EPSS 9.22%
- Published 10.06.2015 01:59:40
- Last modified 12.04.2025 10:46:40
- Source psirt@adobe.com
- Teams watchlist Login
- Open Login
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160, Adobe AIR before 18.0.0.144, Adobe AIR SDK before 18.0.0.144, and Adobe AIR SDK & Compiler before 18.0.0.144 on 64-bit Windows 7 systems do not properly select a random memory address for the Flash heap, which makes it easier for attackers to conduct unspecified attacks by predicting this address.
Data is provided by the National Vulnerability Database (NVD)
Adobe ≫ Flash Player Version <= 13.0.0.289
Adobe ≫ Flash Player Version14.0.0.125
Adobe ≫ Flash Player Version14.0.0.145
Adobe ≫ Flash Player Version14.0.0.176
Adobe ≫ Flash Player Version14.0.0.179
Adobe ≫ Flash Player Version15.0.0.152
Adobe ≫ Flash Player Version15.0.0.167
Adobe ≫ Flash Player Version15.0.0.189
Adobe ≫ Flash Player Version15.0.0.223
Adobe ≫ Flash Player Version15.0.0.239
Adobe ≫ Flash Player Version15.0.0.246
Adobe ≫ Flash Player Version16.0.0.235
Adobe ≫ Flash Player Version16.0.0.257
Adobe ≫ Flash Player Version16.0.0.287
Adobe ≫ Flash Player Version16.0.0.296
Adobe ≫ Flash Player Version17.0.0.134
Adobe ≫ Flash Player Version17.0.0.169
Adobe ≫ Flash Player Version17.0.0.188
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 9.22% | 0.924 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.