Executive Summary
Information | | | |
---|---|---|---|
Name | TA15-195A | First vendor Publication | 2015-07-14 |
Vendor | US-CERT | Last vendor Modification | 2015-07-14 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | | | |
---|---|---|---|
Overall CVSS Score | NA | | |
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | | |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | | | |
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Exploit Score | 10 | Authentication | None Required |
Detail
Overview

Used in conjunction, recently disclosed vulnerabilities in Adobe Flash and Microsoft Windows may allow a remote attacker to execute arbitrary code with system privileges. Since attackers continue to target and find new vulnerabilities in popular, Internet-facing software, updating is not sufficient, and it is important to use exploit mitigation and other defensive techniques.

Description

The following vulnerabilities illustrate the need for ongoing mitigation techniques and prioritization of updates for highly targeted software:

Vulnerability Chaining

By convincing a user to visit a website or open a file containing specially crafted Flash content, an attacker could combine any one of the three Adobe Flash vulnerabilities with the Microsoft Windows vulnerability to take full control of an affected system.

A common attack vector for exploiting a Flash vulnerability is to entice a user to load Flash content in a web browser, and most web browsers have Flash installed and enabled. A second attack vector for Flash vulnerabilities is through a file (such as an email attachment) that embeds Flash content. Another technique leverages Object Linking and Embedding (OLE) capabilities in Microsoft Office documents to automatically download Flash content from a remote server.

An attacker who is able to execute arbitrary code through the Flash vulnerability could exploit the Adobe Type Manager vulnerability to gain elevated system privileges. The Adobe Type Manager vulnerability allows the attacker to bypass sandbox defenses (such as those found in Adobe Reader and Google Chrome) and low integrity protections (such as Protected Mode Internet Explorer and Protected View for Microsoft Office).

Impact

The Adobe Flash vulnerabilities can allow a remote attacker to execute arbitrary code. Exploitation of the Adobe Type Manager vulnerability could then allow the attacker to execute code with system privileges.

Solution

Since attackers regularly target widely deployed, Internet-accessible software such as Adobe Flash and Microsoft Windows, it is important to prioritize updates for these products to defend against known vulnerabilities. Since attackers regularly discover new vulnerabilities for which updates do not exist, it is important to enable exploit mitigation and other defensive techniques.

Apply Security Updates

The Adobe Flash vulnerabilities (CVE-2015-5119, CVE-2015-5122, CVE-2015-5123) are addressed in Adobe Security Bulletins APSB15-16 and APSB15-18. Users are encouraged to review the Bulletins and apply the necessary updates.

The Microsoft Windows Adobe Type Manager vulnerability (CVE-2015-2387) is addressed in Microsoft Security Bulletin MS15-077. Users are encouraged to review the Bulletin and apply the necessary updates.

Additional information regarding the vulnerabilities can be found in Vulnerability Notes VU#561288, VU#338736, VU#918568, and VU#103336.

Limit Flash Content

Do not run untrusted Flash content. Most web browsers have Flash enabled by default; however, it may be possible to enable click-to-play features. For information see http://www.howtogeek.com/188059/how-to-enable-click-to-play-plugins-in-every-web-browser/

Use the Microsoft Enhanced Mitigation Experience Toolkit (EMET)

EMET can be used to help prevent exploitation of the Flash vulnerabilities. In particular, Attack Surface Reduction (ASR) can be configured to help restrict Microsoft Office and Internet Explorer from loading the Flash ActiveX control. See the following link for additional information: http://www.microsoft.com/en-us/download/details.aspx?id=46366
Original Source
Url : http://www.us-cert.gov/cas/techalerts/TA15-195A.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-416 | Use After Free |
33 % | CWE-264 | Permissions, Privileges, and Access Controls |
33 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:29332 | |||
Oval ID: | oval:org.mitre.oval:def:29332 | ||
Title: | ATMFD.DLL Memory corruption vulnerability - CVE-2015-2387 (MS15-077) | ||
Description: | ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "ATMFD.DLL Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2015-2387 | Version: | 3 |
Platform(s): | Microsoft Windows Server 2003, Microsoft Windows Vista, Microsoft Windows Server 2008, Microsoft Windows 7, Microsoft Windows Server 2008 R2, Microsoft Windows 8, Microsoft Windows 8.1, Microsoft Windows Server 2012, Microsoft Windows Server 2012 R2 | Product(s): | |
CPE : Common Platform Enumeration
Snort® IPS/IDS
Date | Description |
---|---|
2017-03-02 | Adobe Flash Player remote code execution attempt RuleID : 41482 - Revision : 1 - Type : FILE-FLASH |
2017-03-02 | Adobe Flash Player remote code execution attempt RuleID : 41481 - Revision : 1 - Type : FILE-FLASH |
2017-03-02 | Adobe Flash Player remote code execution attempt RuleID : 41480 - Revision : 1 - Type : FILE-FLASH |
2017-03-02 | Adobe Flash Player remote code execution attempt RuleID : 41479 - Revision : 1 - Type : FILE-FLASH |
2016-03-22 | Adobe Flash Player remote code execution attempt RuleID : 37689 - Revision : 1 - Type : FILE-FLASH |
2016-03-22 | Adobe Flash Player remote code execution attempt RuleID : 37688 - Revision : 1 - Type : FILE-FLASH |
2016-03-15 | Adobe Flash Player remote code execution attempt RuleID : 37641 - Revision : 1 - Type : FILE-FLASH |
2016-03-15 | Adobe Flash Player remote code execution attempt RuleID : 37640 - Revision : 1 - Type : FILE-FLASH |
2016-03-15 | Adobe Flash Player remote code execution attempt RuleID : 37639 - Revision : 1 - Type : FILE-FLASH |
2016-03-15 | Adobe Flash Player remote code execution attempt RuleID : 37638 - Revision : 1 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player AS3 opaqueBackground use-after-free attempt RuleID : 36822 - Revision : 3 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player AS3 opaqueBackground use-after-free attempt RuleID : 36821 - Revision : 3 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player AS3 opaqueBackground use-after-free attempt RuleID : 36820 - Revision : 3 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player AS3 opaqueBackground use-after-free attempt RuleID : 36819 - Revision : 3 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player Exploit Kit decryption key detected RuleID : 36193 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36152 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36151 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36150 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36149 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36142 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36141 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36140 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36139 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36138 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36137 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36136 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36135 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player AS3 opaqueBackground use-after-free attempt RuleID : 36129 - Revision : 3 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player AS3 opaqueBackground use-after-free attempt RuleID : 36128 - Revision : 3 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player AS3 opaqueBackground use-after-free attempt RuleID : 36127 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player AS3 opaqueBackground use-after-free attempt RuleID : 36126 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player AS3 opaqueBackground use-after-free attempt RuleID : 36125 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player AS3 opaqueBackground use-after-free attempt RuleID : 36124 - Revision : 2 - Type : FILE-FLASH |
2015-09-08 | Adobe flash player BitmapData.paletteMap use after free attempt RuleID : 35466 - Revision : 3 - Type : FILE-FLASH |
2015-09-08 | Adobe flash player BitmapData.paletteMap use after free attempt RuleID : 35465 - Revision : 3 - Type : FILE-FLASH |
2015-09-08 | Adobe flash player BitmapData.paletteMap use after free attempt RuleID : 35464 - Revision : 2 - Type : FILE-FLASH |
2015-09-08 | Adobe flash player BitmapData.paletteMap use after free attempt RuleID : 35463 - Revision : 2 - Type : FILE-FLASH |
2015-09-08 | Adobe Flash Player AS3 opaqueBackground use-after-free attempt RuleID : 35454 - Revision : 3 - Type : FILE-FLASH |
2015-09-08 | Adobe Flash Player AS3 opaqueBackground use-after-free attempt RuleID : 35453 - Revision : 3 - Type : FILE-FLASH |
2015-09-08 | Adobe Flash Player AS3 opaqueBackground use-after-free attempt RuleID : 35452 - Revision : 4 - Type : FILE-FLASH |
2015-09-08 | Adobe Flash Player AS3 opaqueBackground use-after-free attempt RuleID : 35451 - Revision : 3 - Type : FILE-FLASH |
2015-09-08 | Adobe Flash Player AS3 opaqueBackground use-after-free attempt RuleID : 35450 - Revision : 4 - Type : FILE-FLASH |
2015-09-08 | Adobe Flash Player AS3 opaqueBackground use-after-free attempt RuleID : 35449 - Revision : 3 - Type : FILE-FLASH |
2015-08-18 | Adobe Flash Player remote code execution attempt RuleID : 35266 - Revision : 2 - Type : FILE-FLASH |
2015-08-18 | Adobe Flash Player remote code execution attempt RuleID : 35265 - Revision : 3 - Type : FILE-FLASH |
2015-08-18 | Adobe Flash Player remote code execution attempt RuleID : 35264 - Revision : 3 - Type : FILE-FLASH |
2015-08-18 | Adobe Flash Player remote code execution attempt RuleID : 35263 - Revision : 2 - Type : FILE-FLASH |
2015-08-18 | Adobe Flash Player remote code execution attempt RuleID : 35262 - Revision : 3 - Type : FILE-FLASH |
2015-08-18 | Adobe Flash Player remote code execution attempt RuleID : 35261 - Revision : 3 - Type : FILE-FLASH |
2015-08-14 | Adobe Flash Player BitmapData use-after-free attempt RuleID : 35220 - Revision : 3 - Type : FILE-FLASH |
2015-08-14 | Adobe Flash Player BitmapData use-after-free attempt RuleID : 35219 - Revision : 3 - Type : FILE-FLASH |
2015-08-14 | Adobe Flash Player BitmapData use-after-free attempt RuleID : 35218 - Revision : 2 - Type : FILE-FLASH |
2015-08-14 | Adobe Flash Player BitmapData use-after-free attempt RuleID : 35217 - Revision : 2 - Type : FILE-FLASH |
2015-08-11 | Microsoft Windows ATMFD.dll open font type privilege escalation attempt RuleID : 35108 - Revision : 3 - Type : OS-WINDOWS |
2015-08-11 | Microsoft Windows ATMFD.dll open font type privilege escalation attempt RuleID : 35107 - Revision : 3 - Type : OS-WINDOWS |
2015-08-11 | Microsoft Windows ATMFD.dll open font type privilege escalation attempt RuleID : 35106 - Revision : 3 - Type : OS-WINDOWS |
2015-08-11 | Microsoft Windows ATMFD.dll open font type privilege escalation attempt RuleID : 35105 - Revision : 3 - Type : OS-WINDOWS |
2015-08-11 | Adobe Flash Player remote code execution attempt RuleID : 35096 - Revision : 2 - Type : FILE-FLASH |
2015-08-11 | Adobe Flash Player remote code execution attempt RuleID : 35095 - Revision : 2 - Type : FILE-FLASH |
2015-08-09 | Adobe Flash Player remote code execution attempt RuleID : 35089 - Revision : 3 - Type : FILE-FLASH |
2015-08-09 | Adobe Flash Player remote code execution attempt RuleID : 35088 - Revision : 3 - Type : FILE-FLASH |
2015-08-09 | Adobe Flash Player remote code execution attempt RuleID : 35087 - Revision : 3 - Type : FILE-FLASH |
2015-08-09 | Adobe Flash Player remote code execution attempt RuleID : 35086 - Revision : 3 - Type : FILE-FLASH |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-09-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201508-01.nasl - Type : ACT_GATHER_INFO |
2015-09-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201507-13.nasl - Type : ACT_GATHER_INFO |
2015-07-20 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-496.nasl - Type : ACT_GATHER_INFO |
2015-07-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1258-1.nasl - Type : ACT_GATHER_INFO |
2015-07-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1255-1.nasl - Type : ACT_GATHER_INFO |
2015-07-17 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2015-1235.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote Windows host has a browser plugin installed that is affected by mu... File : smb_kb3079777.nasl - Type : ACT_GATHER_INFO |
2015-07-14 | Name : The Adobe Font driver on the remote host is affected by a privilege escalatio... File : smb_nt_ms15-077.nasl - Type : ACT_GATHER_INFO |
2015-07-14 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_43_0_2357_134.nasl - Type : ACT_GATHER_INFO |
2015-07-14 | Name : The remote Mac OS X host has a browser plugin installed that is affected by m... File : macosx_flash_player_apsb15-18.nasl - Type : ACT_GATHER_INFO |
2015-07-14 | Name : The remote Windows host contains a web browser that is affected by multiple r... File : google_chrome_43_0_2357_134.nasl - Type : ACT_GATHER_INFO |
2015-07-14 | Name : The remote Windows host has a browser plugin installed that is affected by mu... File : flash_player_apsb15-18.nasl - Type : ACT_GATHER_INFO |
2015-07-13 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1214-1.nasl - Type : ACT_GATHER_INFO |
2015-07-13 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1211-1.nasl - Type : ACT_GATHER_INFO |
2015-07-10 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_43_0_2357_132.nasl - Type : ACT_GATHER_INFO |
2015-07-10 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : google_chrome_43_0_2357_132.nasl - Type : ACT_GATHER_INFO |
2015-07-09 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2015-1214.nasl - Type : ACT_GATHER_INFO |
2015-07-09 | Name : The remote Windows host has a browser plugin installed that is affected by mu... File : smb_kb3065823.nasl - Type : ACT_GATHER_INFO |
2015-07-09 | Name : The remote Windows host has a version of Adobe AIR installed that is affected... File : adobe_air_apsb15-16.nasl - Type : ACT_GATHER_INFO |
2015-07-09 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-473.nasl - Type : ACT_GATHER_INFO |
2015-07-09 | Name : The remote Mac OS X host has a browser plugin installed that is affected by m... File : macosx_flash_player_apsb15-16.nasl - Type : ACT_GATHER_INFO |
2015-07-09 | Name : The remote Mac OS X host has a version of Adobe AIR installed that is affecte... File : macosx_adobe_air_apsb15-16.nasl - Type : ACT_GATHER_INFO |
2015-07-09 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_348bfa6925a211e5ade10011d823eebd.nasl - Type : ACT_GATHER_INFO |
2015-07-09 | Name : The remote Windows host has a browser plugin installed that is affected by mu... File : flash_player_apsb15-16.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2015-07-15 05:31:39 |
|
2015-07-15 05:26:45 |
|