Summary
This host is installed with Adobe Flash
Player and is prone to unspecified arbitrary code execution vulnerability.
Impact
Successful exploitation will allow
remote attackers to compromise a user's system.
Impact Level: System/Application.
Solution
Upgrade to Adobe Flash Player version
13.0.0.264 or 16.0.0.296 or later. For updates refer http://get.adobe.com/flashplayer
Insight
The flaw exists due to some unspecified
error and double-free flaw that is triggered as user-supplied input is not properly validated.
Affected
Adobe Flash Player version 13.x through
13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows.
Detection
Get the installed version with the help
of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2015-0311, CVE-2015-0312 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Windows)
- Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Windows)
- Adobe Acrobat Multiple Vulnerabilities - 01 May14 (Windows)
- Adobe Acrobat Multiple Unspecified Vulnerabilities -01 Feb13 (Windows)
- Adobe AIR Multiple Vulnerabilities-01 Jun14 (Windows)