← Retour aux CVEs
CVE-2015-0310
HIGHCISA KEV7.8
Description
Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before 16.0.0.287 on Windows and OS X and before 11.2.202.438 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism on Windows, and have an unspecified impact on other platforms, via unknown vectors, as exploited in the wild in January 2015.
Details CVE
Score CVSS v3.17.8
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurREQUIRED
Publie1/23/2015
Derniere modification4/21/2026
Sourcekev
Observations honeypot0
CISA KEV
FournisseurAdobe
ProduitFlash Player
Nom vulnerabiliteAdobe Flash Player ASLR Bypass Vulnerability
Date ajout KEV2022-05-25
Date limite remediation2022-06-15
Utilise dans ransomwareUnknown
Produits affectes
adobe:flash_playerapple:mac_os_xlinux:linux_kernelmicrosoft:windows
Faiblesses (CWE)
CWE-200
References
http://helpx.adobe.com/security/products/flash-player/apsb15-02.html(psirt@adobe.com)
http://secunia.com/advisories/62452(psirt@adobe.com)
http://secunia.com/advisories/62601(psirt@adobe.com)
http://secunia.com/advisories/62660(psirt@adobe.com)
http://secunia.com/advisories/62740(psirt@adobe.com)
http://security.gentoo.org/glsa/glsa-201502-02.xml(psirt@adobe.com)
http://www.securityfocus.com/bid/72261(psirt@adobe.com)
http://www.securitytracker.com/id/1031609(psirt@adobe.com)
http://helpx.adobe.com/security/products/flash-player/apsb15-02.html(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/62452(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/62601(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/62660(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/62740(af854a3a-2127-422b-91ae-364da2661108)
http://security.gentoo.org/glsa/glsa-201502-02.xml(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/72261(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1031609(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/cisagov/vulnrichment/issues/196(134c704f-9b21-4f2e-91b3-4a467353bcc0)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-0310(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.