TROYANOSYVIRUS
Retour aux CVEs

CVE-2015-0313

CRITICALCISA KEV
9.8

Description

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322.

Details CVE

Score CVSS v3.19.8
SeveriteCRITICAL
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie2/2/2015
Derniere modification11/17/2025
Sourcekev
Observations honeypot0

CISA KEV

FournisseurAdobe
ProduitFlash Player
Nom vulnerabiliteAdobe Flash Player Use-After-Free Vulnerability
Date ajout KEV2022-04-13
Date limite remediation2022-05-04
Utilise dans ransomwareUnknown

Produits affectes

adobe:flash_playerapple:mac_os_xlinux:linux_kernelmicrosoft:edgemicrosoft:internet_explorermicrosoft:windowsmicrosoft:windows_10_1507microsoft:windows_8microsoft:windows_8.1microsoft:windows_rtmicrosoft:windows_rt_8.1microsoft:windows_server_2012opensuse:evergreenopensuse:opensusesuse:linux_enterprise_desktopsuse:linux_enterprise_workstation_extension

Faiblesses (CWE)

CWE-416CWE-416

References

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00006.html(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00007.html(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00008.html(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00009.html(psirt@adobe.com)
http://packetstormsecurity.com/files/131189/Adobe-Flash-Player-ByteArray-With-Workers-Use-After-Free.html(psirt@adobe.com)
http://secunia.com/advisories/62528(psirt@adobe.com)
http://secunia.com/advisories/62777(psirt@adobe.com)
http://secunia.com/advisories/62895(psirt@adobe.com)
http://www.osvdb.org/117853(psirt@adobe.com)
http://www.securityfocus.com/bid/72429(psirt@adobe.com)
http://www.securitytracker.com/id/1031686(psirt@adobe.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/100641(psirt@adobe.com)
https://helpx.adobe.com/security/products/flash-player/apsa15-02.html(psirt@adobe.com)
https://helpx.adobe.com/security/products/flash-player/apsb15-04.html(psirt@adobe.com)
https://technet.microsoft.com/library/security/2755801(psirt@adobe.com)
https://www.exploit-db.com/exploits/36579/(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00006.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00007.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00008.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00009.html(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/131189/Adobe-Flash-Player-ByteArray-With-Workers-Use-After-Free.html(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/62528(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/62777(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/62895(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/117853(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/72429(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1031686(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/100641(af854a3a-2127-422b-91ae-364da2661108)
https://helpx.adobe.com/security/products/flash-player/apsa15-02.html(af854a3a-2127-422b-91ae-364da2661108)
https://helpx.adobe.com/security/products/flash-player/apsb15-04.html(af854a3a-2127-422b-91ae-364da2661108)
https://technet.microsoft.com/library/security/2755801(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/36579/(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/cisagov/vulnrichment/issues/196(134c704f-9b21-4f2e-91b3-4a467353bcc0)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-0313(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.