Danger: High
The presence of fixes: Yes
The number of vulnerabilities: 1
CVSSv2 rating: (AV: N / AC: L / Au: N / C: C / I: C / A: C / E: U / RL: O / RC: C) = Base: 10 / Temporal: 7.4
CVE ID: CVE-2015-0312
Vector exploitation: Remote
Impact: Compromise system
Affected Products:
Adobe Flash Player 11.x
Adobe Flash Player 13.x
Adobe Flash Player 16.x
Affected versions:
Adobe Flash Player 16.0.0.287 and earlier versions for Windows and Macintosh.
Adobe Flash Player Extended Support 13.0.0.262 and earlier versions
Adobe Flash Player 11.2.202.438 and earlier versions for Linux
Description:
The vulnerability allows a remote user to compromise a vulnerable system.
The vulnerability is caused due to an error of dual release. Can be exploited to compromise a vulnerable system.
The discovery of CVE-2015-0312 has been credited to "bilou" from the Chromium Vulnerability Rewards Program.
Also one of the security flaws repaired is the infamous CVE-2015-0311 reported by French security researcher Kafeine.
Links:
http://helpx.adobe.com/security/products/flash-player/apsa15-01.html
http://helpx.adobe.com/security/products/flash-player/apsb15-03.html
No comments:
Post a Comment