CVE-2015-5122

Description

Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.

References

https://helpx.adobe.com/security/products/flash-player/apsa15-04.html

https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html

http://www.kb.cert.org/vuls/id/338736

http://rhn.redhat.com/errata/RHSA-2015-1235.html

https://helpx.adobe.com/security/products/flash-player/apsb15-18.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html

http://www.us-cert.gov/ncas/alerts/TA15-195A

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784

http://marc.info/?l=bugtraq&m=144050155601375&w=2

http://www.securityfocus.com/bid/75712

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467

https://security.gentoo.org/glsa/201508-01

http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_opaque_background_uaf

https://www.exploit-db.com/exploits/37599/

http://www.securitytracker.com/id/1032890

http://packetstormsecurity.com/files/132663/Adobe-Flash-opaqueBackground-Use-After-Free.html

https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/

https://perception-point.io/new/breaking-cfi.php

Details

Risk Information

CVSS v2