CVE-2015-3038

16 documents6 sources
Severity
10.0CRITICAL
EPSS
9.3%
top 7.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Adobe Flash PlayerOpensuse OpensuseRedhat Enterprise Linux Desktop Supplementary+5 more
Timeline
PublishedApr 14
Latest updateMay 14

Description

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages7 packages

NVDadobe/flash_player11.2.202.451+16
Ubuntuflashplugin-nonfree< 11.2.202.457ubuntu0.14.04.1

Also affects: Enterprise Linux 5.0, 6.0, 6.6.z

Patches

Patch: helpx.adobe.comPatch: helpx.adobe.com

🔴Vulnerability Details

3
GHSA
GHSA-r8v5-rf6g-q3m8: Adobe Flash Player before 132022-05-14
CVEList
CVE-2015-3038: Adobe Flash Player before 132015-04-14
OSV
CVE-2015-3038: Adobe Flash Player before 132015-04-14

📋Vendor Advisories

11
Red Hat
flash-plugin: multiple code execution issues fixed in APSB15-062015-04-14
Red Hat
flash-plugin: multiple code execution issues fixed in APSB15-062015-04-14
Red Hat
flash-plugin: multiple code execution issues fixed in APSB15-062015-04-14
Red Hat
flash-plugin: multiple code execution issues fixed in APSB15-062015-04-14
Red Hat
flash-plugin: multiple code execution issues fixed in APSB15-062015-04-14

💬Community

1
Bugzilla
flash-plugin: multiple code execution issues fixed in APSB15-062015-04-15
CVE-2015-3038 (CRITICAL CVSS 10) | Adobe Flash Player before 13.0.0.28 | cvebase.io