CVE-2015-0334 — Adobe Flash Player vulnerability

11 documents7 sources

Severity

9.3CRITICALNVD

EPSS

5.0%

top 10.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Flash Player

Timeline

PublishedMar 13

Latest updateMay 17

Description

Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-0336.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDadobe/flash_player13.0.0.264+16

Patches

Patch: helpx.adobe.com ↗Patch: helpx.adobe.com ↗

🔴Vulnerability Details

GHSA

GHSA-vf82-rw34-q9xr: Adobe Flash Player before 13↗2022-05-17

▶

GHSA

GHSA-x9gp-g79c-8994: Adobe Flash Player before 13↗2022-05-17

▶

Project0

A Tale of Two Exploits - Project Zero↗2015-04-01

▶

OSV

CVE-2015-0336: Adobe Flash Player before 13↗2015-03-13

▶

OSV

CVE-2015-0334: Adobe Flash Player before 13↗2015-03-13

▶

📋Vendor Advisories

Red Hat

flash-plugin: multiple code execution issues fixed in APSB15-05↗2015-03-12

▶

Red Hat

flash-plugin: multiple code execution issues fixed in APSB15-05↗2015-03-12

▶

💬Community

Bugzilla

flash-plugin: multiple code execution issues fixed in APSB15-05↗2015-03-13

▶