admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2015/CVE-2015-03xx/CVE-2015-0313.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

250 lines
8.7 KiB
JSON
Raw Blame History

{
"id": "CVE-2015-0313",
"sourceIdentifier": "psirt@adobe.com",
"published": "2015-02-02T19:59:00.053",
"lastModified": "2017-09-08T01:29:39.403",
"vulnStatus": "Modified",
"cisaExploitAdd": "2022-04-13",
"cisaActionDue": "2022-05-04",
"cisaRequiredAction": "The impacted product is end-of-life and should be disconnected if still in use.",
"cisaVulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability",
"descriptions": [
{
"lang": "en",
"value": "Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322."
},
{
"lang": "es",
"value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en Adobe Flash Player en versiones anteriores a 13.0.0.269 y 14.x hasta la versi\u00f3n 16.x en versiones anteriores a 16.0.0.305 en Windows y OS X y en versiones anteriores a 11.2.202.442 en Linux permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados, seg\u00fan se ha explotado activamente en febrero de 2015, una vulnerabilidad diferente a CVE-2015-0315, CVE-2015-0320 y CVE-2015-0322."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"acInsufInfo": true,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"versionEndIncluding": "11.2.202.440",
"matchCriteriaId": "BD7D850A-22AB-4392-9322-B7C85C81FCAB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"versionEndIncluding": "13.0.0.264",
"matchCriteriaId": "35A39AB2-E3C6-4C70-8CC9-0050184DB2B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D7202D-56DF-400B-9F09-E7D9938222D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*",
"matchCriteriaId": "4D4F0D21-A64B-46C1-9591-96529661DF0B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.176:*:*:*:*:*:*:*",
"matchCriteriaId": "86961019-3B81-458E-949F-A2F006EA55FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.179:*:*:*:*:*:*:*",
"matchCriteriaId": "25895BE9-71FD-4DE7-90FC-0199470A8738"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.152:*:*:*:*:*:*:*",
"matchCriteriaId": "4D55A950-7D48-413C-AD43-6AC64FBE790C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.167:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A22B74-453D-4A8A-B79A-2B3143A0D995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.189:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE4B077-67D1-4B25-976E-715FB6B2A1D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.223:*:*:*:*:*:*:*",
"matchCriteriaId": "BFC91B68-6B35-47BD-BC02-3F836E772CF3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.239:*:*:*:*:*:*:*",
"matchCriteriaId": "A3BE6004-C30A-46E2-9F25-785E12BBF640"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.246:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE8E51F-7A32-41A4-B03A-73E52EB64C04"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:16.0.0.235:*:*:*:*:*:*:*",
"matchCriteriaId": "3E13E927-A77C-4681-AFDE-A5A14093234D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:16.0.0.257:*:*:*:*:*:*:*",
"matchCriteriaId": "27629FF0-5EB9-476F-B5B3-115F663AB65E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:16.0.0.287:*:*:*:*:*:*:*",
"matchCriteriaId": "C0AB583F-3EBD-47B6-975E-7754CC32CCA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:16.0.0.296:*:*:*:*:*:*:*",
"matchCriteriaId": "B58DE1A9-0510-4B65-AB18-75F9263A7818"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00006.html",
"source": "psirt@adobe.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00007.html",
"source": "psirt@adobe.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00008.html",
"source": "psirt@adobe.com"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00009.html",
"source": "psirt@adobe.com"
},
{
"url": "http://packetstormsecurity.com/files/131189/Adobe-Flash-Player-ByteArray-With-Workers-Use-After-Free.html",
"source": "psirt@adobe.com"
},
{
"url": "http://www.osvdb.org/117853",
"source": "psirt@adobe.com"
},
{
"url": "http://www.securityfocus.com/bid/72429",
"source": "psirt@adobe.com"
},
{
"url": "http://www.securitytracker.com/id/1031686",
"source": "psirt@adobe.com"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100641",
"source": "psirt@adobe.com"
},
{
"url": "https://helpx.adobe.com/security/products/flash-player/apsa15-02.html",
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-04.html",
"source": "psirt@adobe.com"
},
{
"url": "https://technet.microsoft.com/library/security/2755801",
"source": "psirt@adobe.com"
},
{
"url": "https://www.exploit-db.com/exploits/36579/",
"source": "psirt@adobe.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink