CVE-2015-3097
Gentoo Linux Security Advisory 201506-01
Severity Score
8.1
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160, Adobe AIR before 18.0.0.144, Adobe AIR SDK before 18.0.0.144, and Adobe AIR SDK & Compiler before 18.0.0.144 on 64-bit Windows 7 systems do not properly select a random memory address for the Flash heap, which makes it easier for attackers to conduct unspecified attacks by predicting this address.
Adobe Flash Player anterior a 13.0.0.292 y 14.x hasta 18.x anterior a 18.0.0.160, Adobe AIR anterior a 18.0.0.144, Adobe AIR SDK anterior a 18.0.0.144, y Adobe AIR SDK & Compiler anterior a 18.0.0.144 en los sistemas de Windows 7 de 64 bits no seleccionan correctamente una dirección de la memoria aleatoria para la memoria dinámica de Flash, lo que facilita a atacantes realizar ataques no especificadas mediante la predicción de esta dirección.
Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.466 are affected.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-04-09 CVE Reserved
- 2015-06-10 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/75090 | Vdb Entry | |
| http://www.securitytracker.com/id/1032519 | Vdb Entry | |
| http://www.securitytracker.com/id/1032810 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://helpx.adobe.com/security/products/flash-player/apsb15-11.html | 2017-09-22 | |
| https://helpx.adobe.com/security/products/flash-player/apsb15-16.html | 2017-09-22 |
| URL | Date | SRC |
|---|---|---|
| https://security.gentoo.org/glsa/201506-01 | 2017-09-22 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Adobe Search vendor "Adobe" | Air Search vendor "Adobe" for product "Air" | <= 17.0.0.172 Search vendor "Adobe" for product "Air" and version " <= 17.0.0.172" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Air Sdk Search vendor "Adobe" for product "Air Sdk" | <= 17.0.0.172 Search vendor "Adobe" for product "Air Sdk" and version " <= 17.0.0.172" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Air Sdk \& Compiler Search vendor "Adobe" for product "Air Sdk \& Compiler" | <= 17.0.0.172 Search vendor "Adobe" for product "Air Sdk \& Compiler" and version " <= 17.0.0.172" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | <= 13.0.0.289 Search vendor "Adobe" for product "Flash Player" and version " <= 13.0.0.289" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 14.0.0.125 Search vendor "Adobe" for product "Flash Player" and version "14.0.0.125" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 14.0.0.145 Search vendor "Adobe" for product "Flash Player" and version "14.0.0.145" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 14.0.0.176 Search vendor "Adobe" for product "Flash Player" and version "14.0.0.176" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 14.0.0.179 Search vendor "Adobe" for product "Flash Player" and version "14.0.0.179" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 15.0.0.152 Search vendor "Adobe" for product "Flash Player" and version "15.0.0.152" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 15.0.0.167 Search vendor "Adobe" for product "Flash Player" and version "15.0.0.167" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 15.0.0.189 Search vendor "Adobe" for product "Flash Player" and version "15.0.0.189" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 15.0.0.223 Search vendor "Adobe" for product "Flash Player" and version "15.0.0.223" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 15.0.0.239 Search vendor "Adobe" for product "Flash Player" and version "15.0.0.239" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 15.0.0.246 Search vendor "Adobe" for product "Flash Player" and version "15.0.0.246" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 16.0.0.235 Search vendor "Adobe" for product "Flash Player" and version "16.0.0.235" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 16.0.0.257 Search vendor "Adobe" for product "Flash Player" and version "16.0.0.257" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 16.0.0.287 Search vendor "Adobe" for product "Flash Player" and version "16.0.0.287" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 16.0.0.296 Search vendor "Adobe" for product "Flash Player" and version "16.0.0.296" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 17.0.0.134 Search vendor "Adobe" for product "Flash Player" and version "17.0.0.134" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 17.0.0.169 Search vendor "Adobe" for product "Flash Player" and version "17.0.0.169" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|
| Adobe Search vendor "Adobe" | Flash Player Search vendor "Adobe" for product "Flash Player" | 17.0.0.188 Search vendor "Adobe" for product "Flash Player" and version "17.0.0.188" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows 7 Search vendor "Microsoft" for product "Windows 7" | * | x64 |
Affected
|