CVE-2015-3090

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3078, CVE-2015-3089, and CVE-2015-3093.

References

http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html

http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html

http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html

http://rhn.redhat.com/errata/RHSA-2015-1005.html

http://www.securityfocus.com/bid/74605

http://www.securitytracker.com/id/1032285

https://helpx.adobe.com/security/products/flash-player/apsb15-09.html

https://security.gentoo.org/glsa/201505-02

Details

Source: MITRE

Published: 2015-05-13

Updated: 2017-01-03

Type: CWE-119

Risk Information

CVSS v2

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

Tenable Plugins

View all (16 total)

IDNameProductFamilySeverity
8814Flash Player < 17.0.0.189 (inferred) Multiple Vulnerabilities (APSB15-06 through 11) Nessus Network MonitorWeb Clients
high
8812Adobe AIR < 17.0.0.172 Multiple Vulnerabilities (APSB15-09)Nessus Network MonitorWeb Clients
high
8811Flash Player < 13.0.0.289 / 17.0.0.188 Multiple Vulnerabilities (APSB15-09)Nessus Network MonitorWeb Clients
high
8780Google Chrome < 42.0.2311.152 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
84161Adobe AIR for Mac <= 17.0.0.144 Multiple Vulnerabilities (APSB15-09)NessusMacOS X Local Security Checks
critical
84157Adobe AIR <= 17.0.0.144 Multiple Vulnerabilities (APSB15-09)NessusWindows
critical
83911GLSA-201505-02 : Adobe Flash Player: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
83559openSUSE Security Update : flash-player (openSUSE-2015-372)NessusSuSE Local Security Checks
critical
83486SuSE 11.3 Security Update : flash-player (SAT Patch Number 10680)NessusSuSE Local Security Checks
critical
83442FreeBSD : Adobe Flash Player -- critical vulnerabilities (e206df57-f97b-11e4-b799-c485083ca99c)NessusFreeBSD Local Security Checks
critical
83431RHEL 5 / 6 : flash-plugin (RHSA-2015:1005)NessusRed Hat Local Security Checks
critical
83369MS KB3061904: Update for Vulnerabilities in Adobe Flash Player in Internet ExplorerNessusWindows
critical
83368Google Chrome < 42.0.2311.152 Multiple Vulnerabilities (Mac OS X)NessusMacOS X Local Security Checks
critical
83367Adobe Flash Player <= 17.0.0.169 Multiple Vulnerabilities (APSB15-09) (Mac OS X)NessusMacOS X Local Security Checks
critical
83366Google Chrome < 42.0.2311.152 Multiple VulnerabilitiesNessusWindows
critical
83365Adobe Flash Player <= 17.0.0.169 Multiple Vulnerabilities (APSB15-09)NessusWindows
critical