Executive Summary
Summary | |
---|---|
Title | Adobe Flash ActionScript 3 ByteArray use-after-free vulnerability |
Informations | |||
---|---|---|---|
Name | VU#561288 | First vendor Publication | 2015-07-07 |
Vendor | VU-CERT | Last vendor Modification | 2015-07-11 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#561288Adobe Flash ActionScript 3 ByteArray use-after-free vulnerabilityOverviewAdobe Flash Player contains a vulnerability in the ActionScript 3 ByteArray class, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description
Impact
Solution
Vendor Information (Learn More)
CVSS Metrics (Learn More)
References
CreditThis vulnerability was discovered by HackingTeam. This document was written by Will Dormann. Other Information
FeedbackIf you have feedback, comments, or additional information about this vulnerability, please send us email. |
Original Source
Url : http://www.kb.cert.org/vuls/id/561288 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
CPE : Common Platform Enumeration
Snort® IPS/IDS
Date | Description |
---|---|
2016-03-22 | Adobe Flash Player remote code execution attempt RuleID : 37689 - Revision : 1 - Type : FILE-FLASH |
2016-03-22 | Adobe Flash Player remote code execution attempt RuleID : 37688 - Revision : 1 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player Exploit Kit decryption key detected RuleID : 36193 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36152 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36151 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36150 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36149 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36142 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36141 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36140 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36139 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36138 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36137 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36136 - Revision : 2 - Type : FILE-FLASH |
2016-03-14 | Adobe Flash Player remote code execution attempt RuleID : 36135 - Revision : 2 - Type : FILE-FLASH |
2015-08-11 | Adobe Flash Player remote code execution attempt RuleID : 35096 - Revision : 2 - Type : FILE-FLASH |
2015-08-11 | Adobe Flash Player remote code execution attempt RuleID : 35095 - Revision : 2 - Type : FILE-FLASH |
2015-08-09 | Adobe Flash Player remote code execution attempt RuleID : 35089 - Revision : 3 - Type : FILE-FLASH |
2015-08-09 | Adobe Flash Player remote code execution attempt RuleID : 35088 - Revision : 3 - Type : FILE-FLASH |
2015-08-09 | Adobe Flash Player remote code execution attempt RuleID : 35087 - Revision : 3 - Type : FILE-FLASH |
2015-08-09 | Adobe Flash Player remote code execution attempt RuleID : 35086 - Revision : 3 - Type : FILE-FLASH |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-09-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201507-13.nasl - Type : ACT_GATHER_INFO |
2015-07-13 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1211-1.nasl - Type : ACT_GATHER_INFO |
2015-07-13 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-1214-1.nasl - Type : ACT_GATHER_INFO |
2015-07-10 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : google_chrome_43_0_2357_132.nasl - Type : ACT_GATHER_INFO |
2015-07-10 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_google_chrome_43_0_2357_132.nasl - Type : ACT_GATHER_INFO |
2015-07-09 | Name : The remote Windows host has a version of Adobe AIR installed that is affected... File : adobe_air_apsb15-16.nasl - Type : ACT_GATHER_INFO |
2015-07-09 | Name : The remote Windows host has a browser plugin installed that is affected by mu... File : flash_player_apsb15-16.nasl - Type : ACT_GATHER_INFO |
2015-07-09 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_348bfa6925a211e5ade10011d823eebd.nasl - Type : ACT_GATHER_INFO |
2015-07-09 | Name : The remote Mac OS X host has a version of Adobe AIR installed that is affecte... File : macosx_adobe_air_apsb15-16.nasl - Type : ACT_GATHER_INFO |
2015-07-09 | Name : The remote Mac OS X host has a browser plugin installed that is affected by m... File : macosx_flash_player_apsb15-16.nasl - Type : ACT_GATHER_INFO |
2015-07-09 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-473.nasl - Type : ACT_GATHER_INFO |
2015-07-09 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2015-1214.nasl - Type : ACT_GATHER_INFO |
2015-07-09 | Name : The remote Windows host has a browser plugin installed that is affected by mu... File : smb_kb3065823.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2015-07-16 09:34:47 |
|
2015-07-11 21:25:46 |
|
2015-07-11 17:25:05 |
|
2015-07-09 21:30:45 |
|
2015-07-09 00:25:24 |
|
2015-07-08 21:31:37 |
|
2015-07-08 00:24:42 |
|
2015-07-07 21:25:36 |
|
2015-07-07 17:25:13 |
|