CVE-2015-3083 – Flash Broker-Based - Sandbox Escape via Unexpected Directory Lock
https://notcve.org/view.php?id=CVE-2015-3083
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on filesystem write operations via unspecified vectors, a different vulnerability than CVE-2015-3082 and CVE-2015-3085. • https://www.exploit-db.com/exploits/37841 http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html http://rhn.redhat.com/errata/RHSA-2015-1005.html http://www.securityfocus.com/bid/74610 http://www.securitytracker.com/id/1032285 https://helpx.adobe.com/security/products/flash-player/apsb15-09.html https://security.gentoo • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2015-3082 – Flash Broker-Based - Sandbox Escape via Forward Slash Instead of Backslash
https://notcve.org/view.php?id=CVE-2015-3082
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on filesystem write operations via unspecified vectors, a different vulnerability than CVE-2015-3083 and CVE-2015-3085. • https://www.exploit-db.com/exploits/37840 http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html http://rhn.redhat.com/errata/RHSA-2015-1005.html http://www.securityfocus.com/bid/74610 http://www.securitytracker.com/id/1032285 https://helpx.adobe.com/security/products/flash-player/apsb15-09.html https://security.gentoo • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2015-3081 – Flash Broker-Based - Sandbox Escape via Timing Attack Against File Moving
https://notcve.org/view.php?id=CVE-2015-3081
Race condition in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allows attackers to bypass the Internet Explorer Protected Mode protection mechanism via unspecified vectors. • https://www.exploit-db.com/exploits/37842 http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html http://www.securityfocus.com/bid/74613 http://www.securitytracker.com/id/1032285 https://helpx.adobe.com/security/products/flash-player/apsb15-09.html https://security.gentoo.org/glsa/201505-02 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2015-3085 – Adobe Flash Player BrokerCreateFile Broker Method Path Traversal Sandbox Escape Vulnerability
https://notcve.org/view.php?id=CVE-2015-3085
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow remote attackers to bypass intended restrictions on filesystem write operations via unspecified vectors, a different vulnerability than CVE-2015-3082 and CVE-2015-3083. • http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html http://rhn.redhat.com/errata/RHSA-2015-1005.html http://www.securityfocus.com/bid/74610 http://www.securitytracker.com/id/1032285 http://www.zerodayinitiative.com/advisories/ZDI-15-216 https://helpx.adobe.com/security/products/flash-player/apsb15-09.html https://secur • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2015-1155 – Apple Safari file:// Redirection Sandbox Escape Vulnerabliity
https://notcve.org/view.php?id=CVE-2015-1155
The history implementation in WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows remote attackers to bypass the Same Origin Policy and read arbitrary files via a crafted web site. ... An attacker can leverage this vulnerability to execute code outside the context of the Safari sandbox. • http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html http://lists.apple.com/archives/security-announce/2015/May/msg00000.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00054.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00132.html http://support.apple.com/kb/HT204941 http://www.securityfocus.com/bid/74527 http://www.securitytracker.com/id/1032270 http://www.ubuntu.com/usn/USN-2937-1 https://support.apple.com/HT204826 • CWE-264: Permissions, Privileges, and Access Controls •