CVE-2015-0338 — Adobe Flash Player vulnerability

5 documents5 sources

Severity

10.0CRITICALNVD

EPSS

4.0%

top 11.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Flash Player

Timeline

PublishedMar 13

Latest updateMay 17

Description

Integer overflow in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDadobe/flash_player11.2.202.442+16

Patches

Patch: helpx.adobe.com ↗Patch: helpx.adobe.com ↗

🔴Vulnerability Details

GHSA

GHSA-978r-p5rq-92qc: Integer overflow in Adobe Flash Player before 13↗2022-05-17

▶

OSV

CVE-2015-0338: Integer overflow in Adobe Flash Player before 13↗2015-03-13

▶

📋Vendor Advisories

Red Hat

flash-plugin: multiple code execution issues fixed in APSB15-05↗2015-03-12

▶

💬Community

Bugzilla

flash-plugin: multiple code execution issues fixed in APSB15-05↗2015-03-13

▶