CVE-2015-3097

Severity Score

5.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160, Adobe AIR before 18.0.0.144, Adobe AIR SDK before 18.0.0.144, and Adobe AIR SDK & Compiler before 18.0.0.144 on 64-bit Windows 7 systems do not properly select a random memory address for the Flash heap, which makes it easier for attackers to conduct unspecified attacks by predicting this address.

Adobe Flash Player anterior a 13.0.0.292 y 14.x hasta 18.x anterior a 18.0.0.160, Adobe AIR anterior a 18.0.0.144, Adobe AIR SDK anterior a 18.0.0.144, y Adobe AIR SDK & Compiler anterior a 18.0.0.144 en los sistemas de Windows 7 de 64 bits no seleccionan correctamente una dirección de la memoria aleatoria para la memoria dinámica de Flash, lo que facilita a atacantes realizar ataques no especificadas mediante la predicción de esta dirección.

*Credits: N/A

CVSS Scores

NISTv2 5.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2015-04-09 CVE Reserved
2015-06-10 CVE Published
2023-03-07 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CAPEC

References (6)

URL	Tag	Source
http://www.securityfocus.com/bid/75090	Vdb Entry
http://www.securitytracker.com/id/1032519	Vdb Entry
http://www.securitytracker.com/id/1032810	Vdb Entry

URL	Date	SRC

URL	Date	SRC
https://helpx.adobe.com/security/products/flash-player/apsb15-11.html	2017-09-22
https://helpx.adobe.com/security/products/flash-player/apsb15-16.html	2017-09-22

URL	Date	SRC
https://security.gentoo.org/glsa/201506-01	2017-09-22

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Adobe Search vendor "Adobe"	Air Search vendor "Adobe" for product "Air"	<= 17.0.0.172 Search vendor "Adobe" for product "Air" and version " <= 17.0.0.172"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Air Sdk Search vendor "Adobe" for product "Air Sdk"	<= 17.0.0.172 Search vendor "Adobe" for product "Air Sdk" and version " <= 17.0.0.172"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Air Sdk \& Compiler Search vendor "Adobe" for product "Air Sdk \& Compiler"	<= 17.0.0.172 Search vendor "Adobe" for product "Air Sdk \& Compiler" and version " <= 17.0.0.172"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Flash Player Search vendor "Adobe" for product "Flash Player"	<= 13.0.0.289 Search vendor "Adobe" for product "Flash Player" and version " <= 13.0.0.289"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Flash Player Search vendor "Adobe" for product "Flash Player"	14.0.0.125 Search vendor "Adobe" for product "Flash Player" and version "14.0.0.125"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Flash Player Search vendor "Adobe" for product "Flash Player"	14.0.0.145 Search vendor "Adobe" for product "Flash Player" and version "14.0.0.145"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Flash Player Search vendor "Adobe" for product "Flash Player"	14.0.0.176 Search vendor "Adobe" for product "Flash Player" and version "14.0.0.176"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Flash Player Search vendor "Adobe" for product "Flash Player"	14.0.0.179 Search vendor "Adobe" for product "Flash Player" and version "14.0.0.179"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Flash Player Search vendor "Adobe" for product "Flash Player"	15.0.0.152 Search vendor "Adobe" for product "Flash Player" and version "15.0.0.152"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Flash Player Search vendor "Adobe" for product "Flash Player"	15.0.0.167 Search vendor "Adobe" for product "Flash Player" and version "15.0.0.167"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Flash Player Search vendor "Adobe" for product "Flash Player"	15.0.0.189 Search vendor "Adobe" for product "Flash Player" and version "15.0.0.189"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Flash Player Search vendor "Adobe" for product "Flash Player"	15.0.0.223 Search vendor "Adobe" for product "Flash Player" and version "15.0.0.223"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Flash Player Search vendor "Adobe" for product "Flash Player"	15.0.0.239 Search vendor "Adobe" for product "Flash Player" and version "15.0.0.239"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Flash Player Search vendor "Adobe" for product "Flash Player"	15.0.0.246 Search vendor "Adobe" for product "Flash Player" and version "15.0.0.246"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Flash Player Search vendor "Adobe" for product "Flash Player"	16.0.0.235 Search vendor "Adobe" for product "Flash Player" and version "16.0.0.235"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Flash Player Search vendor "Adobe" for product "Flash Player"	16.0.0.257 Search vendor "Adobe" for product "Flash Player" and version "16.0.0.257"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Flash Player Search vendor "Adobe" for product "Flash Player"	16.0.0.287 Search vendor "Adobe" for product "Flash Player" and version "16.0.0.287"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Flash Player Search vendor "Adobe" for product "Flash Player"	16.0.0.296 Search vendor "Adobe" for product "Flash Player" and version "16.0.0.296"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Flash Player Search vendor "Adobe" for product "Flash Player"	17.0.0.134 Search vendor "Adobe" for product "Flash Player" and version "17.0.0.134"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Flash Player Search vendor "Adobe" for product "Flash Player"	17.0.0.169 Search vendor "Adobe" for product "Flash Player" and version "17.0.0.169"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected
Adobe Search vendor "Adobe"	Flash Player Search vendor "Adobe" for product "Flash Player"	17.0.0.188 Search vendor "Adobe" for product "Flash Player" and version "17.0.0.188"	-	Affected	in	Microsoft Search vendor "Microsoft"	Windows 7 Search vendor "Microsoft" for product "Windows 7"	*	x64	Affected