CVE Vulnerabilities

CVE-2015-0310

Published: Jan 23, 2015 | Modified: Nov 13, 2015
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
5.1 MODERATE
AV:N/AC:H/Au:N/C:P/I:P/A:P
RedHat/V3
Ubuntu
MEDIUM

Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before 16.0.0.287 on Windows and OS X and before 11.2.202.438 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism on Windows, and have an unspecified impact on other platforms, via unknown vectors, as exploited in the wild in January 2015.

Affected Software

Name Vendor Start Version End Version
Flash_player Adobe * 11.2.202.429 (including)
Red Hat Enterprise Linux 5 Supplementary RedHat flash-plugin-0:11.2.202.440-1.el5 *
Supplementary for Red Hat Enterprise Linux 6 RedHat flash-plugin-0:11.2.202.440-1.el6 *
Adobe-flashplugin Ubuntu lucid *
Adobe-flashplugin Ubuntu precise *
Adobe-flashplugin Ubuntu trusty *
Adobe-flashplugin Ubuntu upstream *
Adobe-flashplugin Ubuntu utopic *
Flashplugin-nonfree Ubuntu devel *
Flashplugin-nonfree Ubuntu lucid *
Flashplugin-nonfree Ubuntu precise *
Flashplugin-nonfree Ubuntu trusty *
Flashplugin-nonfree Ubuntu upstream *
Flashplugin-nonfree Ubuntu utopic *

References