Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
02 Jul 2024, 17:41
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:adobe:flash_player:17.0.0.134:*:*:*:*:*:*:* cpe:2.3:a:adobe:flash_player:17.0.0.169:*:*:*:*:*:*:* cpe:2.3:a:adobe:flash_player:16.0.0.235:*:*:*:*:*:*:* cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:* cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:* cpe:2.3:a:adobe:flash_player:16.0.0.296:*:*:*:*:*:*:* cpe:2.3:a:adobe:flash_player:14.0.0.176:*:*:*:*:*:*:* cpe:2.3:a:adobe:flash_player:14.0.0.179:*:*:*:*:*:*:* cpe:2.3:a:adobe:flash_player:15.0.0.239:*:*:*:*:*:*:* cpe:2.3:a:adobe:flash_player:15.0.0.189:*:*:*:*:*:*:* cpe:2.3:a:adobe:flash_player:16.0.0.287:*:*:*:*:*:*:* cpe:2.3:a:adobe:flash_player:16.0.0.257:*:*:*:*:*:*:* cpe:2.3:a:adobe:flash_player:18.0.0.161:*:*:*:*:*:*:* cpe:2.3:a:adobe:flash_player:17.0.0.188:*:*:*:*:*:*:* cpe:2.3:a:adobe:flash_player:15.0.0.167:*:*:*:*:*:*:* cpe:2.3:a:adobe:flash_player:15.0.0.246:*:*:*:*:*:*:* cpe:2.3:a:adobe:flash_player:15.0.0.223:*:*:*:*:*:*:* |
cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:* cpe:2.3:a:hp:version_control_repository_manager:7.6:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:* cpe:2.3:a:hp:virtual_connect_enterprise_manager:*:*:*:*:*:*:*:* cpe:2.3:a:hp:version_control_repository_manager:*:*:*:*:*:*:*:* cpe:2.3:a:hp:version_control_agent:*:*:*:*:*:*:*:* cpe:2.3:a:hp:insight_orchestration:*:*:*:*:*:*:*:* cpe:2.3:a:hp:systems_insight_manager:*:*:*:*:*:*:*:* cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:* cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* |
CWE | CWE-787 | |
CVSS |
v2 : v3 : |
v2 : 10.0
v3 : 9.8 |
First Time |
Hp version Control Agent
Hp insight Orchestration Hp Suse linux Enterprise Desktop Hp systems Insight Manager Redhat enterprise Linux Workstation Suse Opensuse opensuse Redhat Suse linux Enterprise Workstation Extension Hp version Control Repository Manager Redhat enterprise Linux Eus Redhat enterprise Linux Desktop Hp virtual Connect Enterprise Manager Opensuse Hp system Management Homepage Redhat enterprise Linux Server Opensuse evergreen |
|
References | () http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html - Mailing List, Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00025.html - Mailing List, Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00002.html - Mailing List, Third Party Advisory | |
References | () http://marc.info/?l=bugtraq&m=144050155601375&w=2 - Mailing List | |
References | () http://rhn.redhat.com/errata/RHSA-2015-1184.html - Third Party Advisory | |
References | () http://www.securityfocus.com/bid/75371 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id/1032696 - Broken Link, Third Party Advisory, VDB Entry | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=1235036 - Issue Tracking | |
References | () https://bugzilla.suse.com/show_bug.cgi?id=935701 - Issue Tracking | |
References | () https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467 - Broken Link | |
References | () https://helpx.adobe.com/security/products/flash-player/apsb15-14.html - Broken Link, Patch, Vendor Advisory | |
References | () https://security.gentoo.org/glsa/201507-13 - Third Party Advisory | |
References | () https://www.suse.com/security/cve/CVE-2015-3113.html - Third Party Advisory |
Information
Published : 2015-06-23 21:59
Updated : 2024-07-02 17:41
NVD link : CVE-2015-3113
Mitre link : CVE-2015-3113
CVE.ORG link : CVE-2015-3113
JSON object : View
Products Affected
hp
- version_control_repository_manager
- systems_insight_manager
- insight_orchestration
- system_management_homepage
- virtual_connect_enterprise_manager
- version_control_agent
redhat
- enterprise_linux_workstation
- enterprise_linux_server
- enterprise_linux_desktop
- enterprise_linux_eus
linux
- linux_kernel
suse
- linux_enterprise_workstation_extension
- linux_enterprise_desktop
apple
- mac_os_x
microsoft
- windows
opensuse
- opensuse
- evergreen
adobe
- flash_player
CWE
CWE-787
Out-of-bounds Write