Summary
This host is installed with Adobe Flash
Player and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow
remote attackers to disclose potentially sensitive information and compromise a user's system.
Impact Level: System/Application.
Solution
Upgrade to Adobe Flash Player version
13.0.0.260 or 16.0.0.257 or later. For updates refer http://get.adobe.com/flashplayer
Insight
Multiple flaws exists due to,
- An unspecified error related to improper file validation.
- Another unspecified error which can be exploited to capture keystrokes.
- Two unspecified errors which can be exploited to corrupt memory.
- Two unspecified errors which can be exploited to cause a heap-based buffer overflow.
- A type confusion error which can be exploited to corrupt memory.
- An out-of-bounds read error.
- An unspecified use-after-free error.
Affected
Adobe Flash Player before version
13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Mac OS X.
Detection
Get the installed version with the help
of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2015-0301, CVE-2015-0302, CVE-2015-0303, CVE-2015-0304, CVE-2015-0305, CVE-2015-0306, CVE-2015-0307, CVE-2015-0308, CVE-2015-0309 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe AIR Multiple Vulnerabilities-01 Aug14 (Mac OS X)
- Adobe Flash Player Arbitrary Code Execution Vulnerability (Linux)
- Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Mac OS X)
- Adobe Air Multiple Vulnerabilities -01 May 13 (Windows)
- Adobe Acrobat and Reader Multiple Vulnerabilities -Oct10 (Windows)