fkie_cve-2015-5573
Vulnerability from fkie_nvd
Published
2015-09-22 10:59
Modified
2024-11-21 02:33
Severity ?
Summary
Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code by leveraging an unspecified "type confusion."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | flash_player | * | |
| adobe | flash_player | 14.0.0.125 | |
| adobe | flash_player | 14.0.0.145 | |
| adobe | flash_player | 14.0.0.176 | |
| adobe | flash_player | 14.0.0.179 | |
| adobe | flash_player | 15.0.0.152 | |
| adobe | flash_player | 15.0.0.167 | |
| adobe | flash_player | 15.0.0.189 | |
| adobe | flash_player | 15.0.0.223 | |
| adobe | flash_player | 15.0.0.239 | |
| adobe | flash_player | 15.0.0.246 | |
| adobe | flash_player | 16.0.0.235 | |
| adobe | flash_player | 16.0.0.257 | |
| adobe | flash_player | 16.0.0.287 | |
| adobe | flash_player | 16.0.0.296 | |
| adobe | flash_player | 17.0.0.134 | |
| adobe | flash_player | 17.0.0.169 | |
| adobe | flash_player | 17.0.0.188 | |
| adobe | flash_player | 17.0.0.190 | |
| adobe | flash_player | 17.0.0.191 | |
| adobe | flash_player | 18.0.0.160 | |
| adobe | flash_player | 18.0.0.194 | |
| adobe | flash_player | 18.0.0.203 | |
| adobe | flash_player | 18.0.0.209 | |
| adobe | flash_player | 18.0.0.232 | |
| apple | mac_os_x | - | |
| microsoft | windows | - | |
| adobe | flash_player | * | |
| linux | linux_kernel | - | |
| adobe | air | * | |
| adobe | air_sdk | * | |
| adobe | air_sdk_\&_compiler | * | |
| apple | mac_os_x | - | |
| microsoft | windows | - | |
| adobe | air | * | |
| android | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2E515D4-87A7-4CB5-8C91-0A95BE8F283B",
"versionEndIncluding": "13.0.0.289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D7202D-56DF-400B-9F09-E7D9938222D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*",
"matchCriteriaId": "4D4F0D21-A64B-46C1-9591-96529661DF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.176:*:*:*:*:*:*:*",
"matchCriteriaId": "86961019-3B81-458E-949F-A2F006EA55FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.179:*:*:*:*:*:*:*",
"matchCriteriaId": "25895BE9-71FD-4DE7-90FC-0199470A8738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.152:*:*:*:*:*:*:*",
"matchCriteriaId": "4D55A950-7D48-413C-AD43-6AC64FBE790C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.167:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A22B74-453D-4A8A-B79A-2B3143A0D995",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.189:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE4B077-67D1-4B25-976E-715FB6B2A1D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.223:*:*:*:*:*:*:*",
"matchCriteriaId": "BFC91B68-6B35-47BD-BC02-3F836E772CF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.239:*:*:*:*:*:*:*",
"matchCriteriaId": "A3BE6004-C30A-46E2-9F25-785E12BBF640",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.246:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE8E51F-7A32-41A4-B03A-73E52EB64C04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:16.0.0.235:*:*:*:*:*:*:*",
"matchCriteriaId": "3E13E927-A77C-4681-AFDE-A5A14093234D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:16.0.0.257:*:*:*:*:*:*:*",
"matchCriteriaId": "27629FF0-5EB9-476F-B5B3-115F663AB65E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:16.0.0.287:*:*:*:*:*:*:*",
"matchCriteriaId": "C0AB583F-3EBD-47B6-975E-7754CC32CCA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:16.0.0.296:*:*:*:*:*:*:*",
"matchCriteriaId": "B58DE1A9-0510-4B65-AB18-75F9263A7818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:17.0.0.134:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC4FAD0-4A54-4EDF-BE39-28138B34E719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:17.0.0.169:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1FBC20-3DE6-4426-9E97-42AFCEF8CEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:17.0.0.188:*:*:*:*:*:*:*",
"matchCriteriaId": "40EF2221-DE87-4D8F-B92D-8FD21EEBEABA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:17.0.0.190:*:*:*:*:*:*:*",
"matchCriteriaId": "3DF6FE30-4B7A-49EB-8571-C2C6E6F8F10C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:17.0.0.191:*:*:*:*:*:*:*",
"matchCriteriaId": "907BA8C1-3C18-420B-A607-1798C72C28A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:18.0.0.160:*:*:*:*:*:*:*",
"matchCriteriaId": "1B8349AC-871D-4320-B361-D5877CD4DDC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:18.0.0.194:*:*:*:*:*:*:*",
"matchCriteriaId": "950A7A0E-8241-430A-BA17-49C650079DCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:18.0.0.203:*:*:*:*:*:*:*",
"matchCriteriaId": "B73C55A2-A88A-4245-820F-0DEAC707A40D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:18.0.0.209:*:*:*:*:*:*:*",
"matchCriteriaId": "E60B5CBA-1ADB-4577-AF7C-687F08E0DC58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:flash_player:18.0.0.232:*:*:*:*:*:*:*",
"matchCriteriaId": "7400BCB7-3C83-4995-BEC2-9D32367D9EC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40C5B719-043A-45CB-A00E-34FE19F32AE6",
"versionEndIncluding": "11.2.202.508",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E6ADB5A-7C12-4CED-89DA-DACFD2D842A8",
"versionEndIncluding": "18.0.0.199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:air_sdk:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DAE3C44-B900-4F9D-84E1-17FA67587210",
"versionEndIncluding": "18.0.0.199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:air_sdk_\\\u0026_compiler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E0EBC1-529C-40F7-864F-E08F6D5FFBAD",
"versionEndIncluding": "18.0.0.180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:air:*:*:*:*:*:*:*:*",
"matchCriteriaId": "990E3AB4-FAD2-476D-AFFE-9D0E070BA588",
"versionEndIncluding": "18.0.0.143",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8255F035-04C8-4158-B301-82101711939C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK \u0026 Compiler before 19.0.0.190 allow attackers to execute arbitrary code by leveraging an unspecified \"type confusion.\""
},
{
"lang": "es",
"value": "Vulnerabilidad en Adobe Flash Player en versiones anteriores a 18.0.0.241 y 19.x en versiones anteriores a 19.0.0.185 en Windows y OS X y en versiones anteriores a 11.2.202.521 en Linux, Adobe AIR en versiones anteriores a 19.0.0.190, Adobe AIR SDK en versiones anteriores a 19.0.0.190 y Adobe AIR SDK \u0026 Compiler en versiones anteriores a 19.0.0.190, permite a atacantes ejecutar c\u00f3digo arbitrario aprovechando un \u0027type confusion\u0027 no especificado."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/843.html\"\u003eCWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)\u003c/a\u003e",
"id": "CVE-2015-5573",
"lastModified": "2024-11-21T02:33:18.717",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-09-22T10:59:06.077",
"references": [
{
"source": "psirt@adobe.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html"
},
{
"source": "psirt@adobe.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00023.html"
},
{
"source": "psirt@adobe.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00024.html"
},
{
"source": "psirt@adobe.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html"
},
{
"source": "psirt@adobe.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1814.html"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securityfocus.com/bid/76794"
},
{
"source": "psirt@adobe.com",
"url": "http://www.securitytracker.com/id/1033629"
},
{
"source": "psirt@adobe.com",
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04939841"
},
{
"source": "psirt@adobe.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
},
{
"source": "psirt@adobe.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"source": "psirt@adobe.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-23.html"
},
{
"source": "psirt@adobe.com",
"url": "https://security.gentoo.org/glsa/201509-07"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1814.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/76794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1033629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04939841"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-23.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201509-07"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.