← Voltar para CVEs
CVE-2015-3113
CRITICALCISA KEV9.8
Descricao
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.
Detalhes CVE
Pontuacao CVSS v3.19.8
SeveridadeCRITICAL
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado6/23/2015
Ultima modificacao11/17/2025
Fontekev
Avistamentos honeypot0
CISA KEV
FornecedorAdobe
ProdutoFlash Player
Nome da vulnerabilidadeAdobe Flash Player Heap-Based Buffer Overflow Vulnerability
Data inclusao KEV2022-04-13
Prazo de remediacao2022-05-04
Uso em ransomwareUnknown
Produtos afetados
adobe:flash_playerapple:mac_os_xhp:insight_orchestrationhp:system_management_homepagehp:systems_insight_managerhp:version_control_agenthp:version_control_repository_managerhp:virtual_connect_enterprise_managerlinux:linux_kernelmicrosoft:windowsopensuse:evergreenopensuse:opensuseredhat:enterprise_linux_desktopredhat:enterprise_linux_eusredhat:enterprise_linux_serverredhat:enterprise_linux_workstationsuse:linux_enterprise_desktopsuse:linux_enterprise_workstation_extension
Fraquezas (CWE)
CWE-787CWE-122
Referencias
http://marc.info/?l=bugtraq&m=144050155601375&w=2(psirt@adobe.com)
http://rhn.redhat.com/errata/RHSA-2015-1184.html(psirt@adobe.com)
http://www.securityfocus.com/bid/75371(psirt@adobe.com)
http://www.securitytracker.com/id/1032696(psirt@adobe.com)
https://bugzilla.redhat.com/show_bug.cgi?id=1235036(psirt@adobe.com)
https://bugzilla.suse.com/show_bug.cgi?id=935701(psirt@adobe.com)
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467(psirt@adobe.com)
https://security.gentoo.org/glsa/201507-13(psirt@adobe.com)
https://www.suse.com/security/cve/CVE-2015-3113.html(psirt@adobe.com)
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00025.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00002.html(af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=144050155601375&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2015-1184.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/75371(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1032696(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=1235036(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.suse.com/show_bug.cgi?id=935701(af854a3a-2127-422b-91ae-364da2661108)
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467(af854a3a-2127-422b-91ae-364da2661108)
https://helpx.adobe.com/security/products/flash-player/apsb15-14.html(af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/201507-13(af854a3a-2127-422b-91ae-364da2661108)
https://www.suse.com/security/cve/CVE-2015-3113.html(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/cisagov/vulnrichment/issues/196(134c704f-9b21-4f2e-91b3-4a467353bcc0)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-3113(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.