mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
360 lines
11 KiB
JSON
360 lines
11 KiB
JSON
{
|
|
"id": "CVE-2015-0309",
|
|
"sourceIdentifier": "psirt@adobe.com",
|
|
"published": "2015-01-13T23:59:07.883",
|
|
"lastModified": "2024-11-21T02:22:47.360",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0304."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Desbordamiento de buffer en memoria en Adobe Flash Player anterior a 13.0.0.260 y 14.x a trav\u00e9s de 16.x anterior a 16.0.0.257 en Windows y OS X y anterior a 11.2.202.429 en Linux, Adobe AIR anterior a 16.0.0.245 en Windows y OS X y anterior a 16.0.0.272 en Android, Adobe AIR SDK anterior a 16.0.0.272, y Adobe AIR SDK & Compiler anterior a 16.0.0.272 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores sin especificar, una vulnerabilidad diferente a CVE-2015-0304"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
|
"baseScore": 10.0,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE"
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-119"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:android:*:*",
|
|
"versionEndIncluding": "15.0.0.356",
|
|
"matchCriteriaId": "73588000-26DE-4357-83BD-4F932BE76DD1"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:adobe_air_sdk_and_compiler:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "15.0.0.356",
|
|
"matchCriteriaId": "B4EAFECD-8468-4C59-AB9F-AF9E3C6EC656"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "13.0.0.259",
|
|
"matchCriteriaId": "5C41ABC4-7EE5-4B8F-8331-96726E827D90"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D5D7202D-56DF-400B-9F09-E7D9938222D3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4D4F0D21-A64B-46C1-9591-96529661DF0B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.176:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "86961019-3B81-458E-949F-A2F006EA55FE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.179:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "25895BE9-71FD-4DE7-90FC-0199470A8738"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.144:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "57882CDA-B99B-40EC-921A-8DFF5D820C97"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.152:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4D55A950-7D48-413C-AD43-6AC64FBE790C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.167:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F1A22B74-453D-4A8A-B79A-2B3143A0D995"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.189:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3FE4B077-67D1-4B25-976E-715FB6B2A1D1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.223:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BFC91B68-6B35-47BD-BC02-3F836E772CF3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.238:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E3F55018-24D7-486E-974F-D4CEDA5CDDE7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.239:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A3BE6004-C30A-46E2-9F25-785E12BBF640"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.246:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CFE8E51F-7A32-41A4-B03A-73E52EB64C04"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:flash_player:16.0.0.234:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "681E567A-444A-442C-9923-F65106F0DE97"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:flash_player:16.0.0.235:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3E13E927-A77C-4681-AFDE-A5A14093234D"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:flash_player:11.2.202.425:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B75E16B2-A24F-4E90-AA3F-F0A9114B5C85"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:adobe_air:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "15.0.0.356",
|
|
"matchCriteriaId": "9702A7E7-D670-4904-90F5-972C91499947"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574"
|
|
},
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:adobe:adobe_air_sdk:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "15.0.0.356",
|
|
"matchCriteriaId": "62F29329-CF1D-4205-BF9C-ABEE5A17A4E6"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://helpx.adobe.com/security/products/flash-player/apsb15-01.html",
|
|
"source": "psirt@adobe.com",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/62177",
|
|
"source": "psirt@adobe.com"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/62187",
|
|
"source": "psirt@adobe.com"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/62252",
|
|
"source": "psirt@adobe.com"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/62371",
|
|
"source": "psirt@adobe.com"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/62740",
|
|
"source": "psirt@adobe.com"
|
|
},
|
|
{
|
|
"url": "http://security.gentoo.org/glsa/glsa-201502-02.xml",
|
|
"source": "psirt@adobe.com"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/72038",
|
|
"source": "psirt@adobe.com"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id/1031525",
|
|
"source": "psirt@adobe.com"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99986",
|
|
"source": "psirt@adobe.com"
|
|
},
|
|
{
|
|
"url": "http://helpx.adobe.com/security/products/flash-player/apsb15-01.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/62177",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/62187",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/62252",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/62371",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/62740",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://security.gentoo.org/glsa/glsa-201502-02.xml",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/72038",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id/1031525",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99986",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |