10 - CVE-2015-5130

Executive Summary

Informations
Name	CVE-2015-5130	First vendor Publication	2015-08-13
Vendor	Cve	Last vendor Modification	2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5130

CPE : Common Platform Enumeration

Type	Description	Count
Application	Adobe Air cpe:2.3:a:adobe:air:18.0.0.180:::::::* cpe:2.3:a:adobe:air:18.0.0.144:::::::* cpe:2.3:a:adobe:air:18.0.0.143:::::::* cpe:2.3:a:adobe:air:17.0.0.172:::::::* cpe:2.3:a:adobe:air:17.0.0.144:::::::* cpe:2.3:a:adobe:air:15.0.0.356:::::::* cpe:2.3:a:adobe:air:15.0.0.293:::::::* cpe:2.3:a:adobe:air:15.0.0.292:::::::* cpe:2.3:a:adobe:air:3.5:::::::* cpe:2.3:a:adobe:air:3.4:::::::* cpe:2.3:a:adobe:air:3.3:::::::* cpe:2.3:a:adobe:air:3.2:::::::* cpe:2.3:a:adobe:air:2.7.1.1961:::::::* cpe:2.3:a:adobe:air:2.7.0.1953:::::::* cpe:2.3:a:adobe:air:2.7.0.1948:::::::* cpe:2.3:a:adobe:air:2.6:::::::* cpe:2.3:a:adobe:air:2.5.1:::::::* cpe:2.3:a:adobe:air:2.5:::::::* cpe:2.3:a:adobe:air:2.0.0:::::::* cpe:2.3:a:adobe:air:1.5.3.9130:::::::* cpe:2.3:a:adobe:air:1.5.3:::::::* cpe:2.3:a:adobe:air:1.5.2:::::::* cpe:2.3:a:adobe:air:1.5.1:::::::* cpe:2.3:a:adobe:air:1.5:::::::* cpe:2.3:a:adobe:air:1.1:::::::* cpe:2.3:a:adobe:air:1.01:::::::* cpe:2.3:a:adobe:air:1.0:::::::* cpe:2.3:a:adobe:air::::::::	28
Application	Adobe Air Sdk cpe:2.3:a:adobe:air_sdk:18.0.0.180:::::::* cpe:2.3:a:adobe:air_sdk:18.0.0.144:::::::* cpe:2.3:a:adobe:air_sdk:17.0.0.172:::::::* cpe:2.3:a:adobe:air_sdk:17.0.0.144:::::::* cpe:2.3:a:adobe:air_sdk:15.0.0.356:::::::* cpe:2.3:a:adobe:air_sdk:15.0.0.302:::::::* cpe:2.3:a:adobe:air_sdk:15.0.0.301:::::::* cpe:2.3:a:adobe:air_sdk:3.8.0.1430:::::::* cpe:2.3:a:adobe:air_sdk:3.7.2090:::::::* cpe:2.3:a:adobe:air_sdk:3.6.0.6090:::::::* cpe:2.3:a:adobe:air_sdk:3.5.0.890:::::::* cpe:2.3:a:adobe:air_sdk:3.5.0.600:::::::* cpe:2.3:a:adobe:air_sdk:3.5.0.1060:::::::* cpe:2.3:a:adobe:air_sdk:3.4.0.2710:::::::* cpe:2.3:a:adobe:air_sdk:3.4.0.2540:::::::* cpe:2.3:a:adobe:air_sdk:3.0.0.4080:::::::* cpe:2.3:a:adobe:air_sdk::::::::	17
Os	Opensuse Evergreen cpe:2.3:o:opensuse:evergreen:11.4:::::::*	1

Snort® IPS/IDS

Date	Description
2016-03-14	Adobe Flash Player scrollRect property use after free attempt RuleID : 36505 - Revision : 2 - Type : FILE-FLASH
2016-03-14	Adobe Flash Player scrollRect property use after free attempt RuleID : 36504 - Revision : 2 - Type : FILE-FLASH
2016-03-14	Adobe Flash Player scrollRect property use after free attempt RuleID : 36503 - Revision : 2 - Type : FILE-FLASH
2016-03-14	Adobe Flash Player scrollRect property use after free attempt RuleID : 36502 - Revision : 2 - Type : FILE-FLASH

Nessus® Vulnerability Scanner

Date	Description
2015-09-23	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201508-01.nasl - Type : ACT_GATHER_INFO
2015-08-20	Name : The remote Windows host contains a web browser that is affected by multiple v... File : google_chrome_44_0_2403_155.nasl - Type : ACT_GATHER_INFO
2015-08-20	Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_44_0_2403_155.nasl - Type : ACT_GATHER_INFO
2015-08-17	Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-545.nasl - Type : ACT_GATHER_INFO
2015-08-17	Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-546.nasl - Type : ACT_GATHER_INFO
2015-08-13	Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_f3778328d2884b3986a465877331eaf7.nasl - Type : ACT_GATHER_INFO
2015-08-13	Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2015-1603.nasl - Type : ACT_GATHER_INFO
2015-08-13	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1373-1.nasl - Type : ACT_GATHER_INFO
2015-08-13	Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1374-1.nasl - Type : ACT_GATHER_INFO
2015-08-11	Name : The remote Windows host has a version of Adobe AIR installed that is affected... File : adobe_air_apsb15-19.nasl - Type : ACT_GATHER_INFO
2015-08-11	Name : The remote Windows host has a browser plugin installed that is affected by mu... File : flash_player_apsb15-19.nasl - Type : ACT_GATHER_INFO
2015-08-11	Name : The remote Mac OS X host has a version of Adobe AIR installed that is affecte... File : macosx_adobe_air_apsb15-19.nasl - Type : ACT_GATHER_INFO
2015-08-11	Name : The remote Mac OS X host has a browser plugin installed that is affected by m... File : macosx_flash_player_apsb15-19.nasl - Type : ACT_GATHER_INFO
2015-08-11	Name : The remote Windows host has a browser plugin installed that is affected by mu... File : smb_kb3087916.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html
http://rhn.redhat.com/errata/RHSA-2015-1603.html
http://www.securityfocus.com/bid/76288
http://www.securitytracker.com/id/1033235
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n...
https://helpx.adobe.com/security/products/flash-player/apsb15-19.html
https://security.gentoo.org/glsa/201508-01
https://www.exploit-db.com/exploits/37854/

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-11-28 12:48:14	Multiple Updates
2021-05-04 12:40:37	Multiple Updates
2021-04-22 01:49:33	Multiple Updates
2020-05-23 01:56:12	Multiple Updates
2020-05-23 00:45:52	Multiple Updates
2019-09-27 12:07:27	Multiple Updates
2019-08-27 12:07:23	Multiple Updates
2019-07-30 12:07:21	Multiple Updates
2019-07-28 12:03:37	Multiple Updates
2019-07-17 12:07:13	Multiple Updates
2019-06-15 12:06:59	Multiple Updates
2018-12-14 12:04:11	Multiple Updates
2018-10-30 12:07:56	Multiple Updates
2018-07-05 12:01:31	Multiple Updates
2018-03-02 01:01:55	Multiple Updates
2018-01-05 09:23:30	Multiple Updates
2017-09-21 09:25:21	Multiple Updates
2017-09-17 09:23:32	Multiple Updates
2017-09-08 12:05:15	Multiple Updates
2017-02-17 09:23:52	Multiple Updates
2017-02-08 09:31:28	Multiple Updates
2016-12-22 09:24:01	Multiple Updates
2016-12-20 09:24:43	Multiple Updates
2016-12-09 00:23:47	Multiple Updates
2016-12-08 09:23:46	Multiple Updates
2016-11-29 00:25:18	Multiple Updates
2016-11-04 12:03:09	Multiple Updates
2016-10-18 12:04:35	Multiple Updates
2016-10-15 12:04:06	Multiple Updates
2016-09-21 12:02:04	Multiple Updates
2016-07-14 12:01:29	Multiple Updates
2016-06-29 01:00:08	Multiple Updates
2016-04-27 02:34:40	Multiple Updates
2015-09-24 13:24:18	Multiple Updates
2015-08-21 13:20:27	Multiple Updates
2015-08-19 00:25:05	Multiple Updates
2015-08-18 13:35:45	Multiple Updates
2015-08-14 21:24:50	Multiple Updates
2015-08-14 09:33:50	First insertion

Global Informations

Type	Count
CPE ID(s)	46
Sources(s)	10
Snort® Rule(s)	4
Nessus® Exploit(s)	14

	Related
10	RHSA-2015:1603
10	GLSA-201508-01
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 2 more Alert(s)

10 - CVE-2015-5130

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CPE : Common Platform Enumeration

Snort® IPS/IDS

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU