ID CVE-2015-0311
Summary Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and OS X and through 11.2.202.438 on Linux allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015.
References
Vulnerable Configurations
  • Adobe Flash Player 11.2.202.438
    cpe:2.3:a:adobe:flash_player:11.2.202.438
  • Linux Kernel
    cpe:2.3:o:linux:linux_kernel
  • Adobe Flash Player 15.0.0.167
    cpe:2.3:a:adobe:flash_player:15.0.0.167
  • Adobe Flash Player 15.0.0.152
    cpe:2.3:a:adobe:flash_player:15.0.0.152
  • Adobe Flash Player 14.0.0.179
    cpe:2.3:a:adobe:flash_player:14.0.0.179
  • Adobe Flash Player 16.0.0.257
    cpe:2.3:a:adobe:flash_player:16.0.0.257
  • Adobe Flash Player 16.0.0.287
    cpe:2.3:a:adobe:flash_player:16.0.0.287
  • Adobe Flash Player 16.0.0.235
    cpe:2.3:a:adobe:flash_player:16.0.0.235
  • Adobe Flash Player 15.0.0.246
    cpe:2.3:a:adobe:flash_player:15.0.0.246
  • Adobe Flash Player 15.0.0.239
    cpe:2.3:a:adobe:flash_player:15.0.0.239
  • Adobe Flash Player 15.0.0.223
    cpe:2.3:a:adobe:flash_player:15.0.0.223
  • Adobe Flash Player 15.0.0.189
    cpe:2.3:a:adobe:flash_player:15.0.0.189
  • Adobe Flash Player 14.0.0.176
    cpe:2.3:a:adobe:flash_player:14.0.0.176
  • Adobe Flash Player 14.0.0.145
    cpe:2.3:a:adobe:flash_player:14.0.0.145
  • Adobe Flash Player 14.0.0.125
    cpe:2.3:a:adobe:flash_player:14.0.0.125
  • Adobe Flash Player 13.0.0.262
    cpe:2.3:a:adobe:flash_player:13.0.0.262
  • Apple Mac OS X
    cpe:2.3:o:apple:mac_os_x
  • Microsoft Windows
    cpe:2.3:o:microsoft:windows
CVSS
Base: 10.0 (as of 26-01-2015 - 10:49)
Impact:
Exploitability:
Access
  Vector: NETWORK
  Complexity: LOW
  Authentication: NONE
Impact
  Confidentiality: COMPLETE
  Integrity: COMPLETE
  Availability: COMPLETE
exploit-db via4
description Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free. CVE-2015-0311. Remote exploit for windows platform
id EDB-ID:36360
last seen 2016-02-04
modified 2015-03-12
published 2015-03-12
reporter metasploit
source https://www.exploit-db.com/download/36360/
title Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free
metasploit via4
description This module exploits a use after free vulnerability in Adobe Flash Player. The vulnerability occurs in the ByteArray::UncompressViaZlibVariant method, when trying to uncompress() a malformed byte stream. This module has been tested successfully on:
  * Windows 7 SP1 (32 bits), IE 8 to IE 11 and Flash 16.0.0.287, 16.0.0.257 and 16.0.0.235.
  * Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 16.0.0.287.
  * Windows 8.1, Firefox 38.0.5 and Adobe Flash 16.0.0.305.
  * Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Flash 11.2.202.424.
id MSF:EXPLOIT/MULTI/BROWSER/ADOBE_FLASH_UNCOMPRESS_ZLIB_UAF
last seen 2018-09-09
modified 2017-07-24
published 2015-05-20
reliability Great
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/browser/adobe_flash_uncompress_zlib_uaf.rb
title Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_GOOGLE_CHROME_40_0_2214_93.NASL
    description The version of Google Chrome installed on the remote Mac OS X host is prior to 40.0.2214.93. It is, therefore, affected by the following vulnerabilities : - A use-after-free error exists that allows an attacker to crash the application or execute arbitrary code. (CVE-2015-0311) - A double-free error exists that allows an attacker to crash the application or possibly execute arbitrary code. (CVE-2015-0312)
    last seen 2018-09-02
    modified 2018-07-14
    plugin id 81021
    published 2015-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81021
    title Google Chrome < 40.0.2214.93 Flash Player Multiple Remote Code Execution (Mac OS X)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_FLASH_PLAYER_16_0_0_296.NASL
    description According to its version, the Adobe Flash Player installed on the remote Mac OS X host is equal or prior to 16.0.0.287. It is, therefore, affected by the following vulnerabilities : - A use-after-free error exists that allows an attacker to crash the application or execute arbitrary code. (CVE-2015-0311) - A double-free error exists that allows an attacker to crash the application or possibly execute arbitrary code. (CVE-2015-0312)
    last seen 2018-09-02
    modified 2018-07-14
    plugin id 80999
    published 2015-01-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80999
    title Flash Player For Mac <= 16.0.0.287 Unspecified Code Execution (APSA15-01)
  • NASL family Windows
    NASL id GOOGLE_CHROME_40_0_2214_93.NASL
    description The version of Google Chrome installed on the remote Windows host is prior to 40.0.2214.93. It is, therefore, affected by the following vulnerabilities : - A use-after-free error exists that allows an attacker to crash the application or execute arbitrary code. (CVE-2015-0311) - A double-free error exists that allows an attacker to crash the application or possibly execute arbitrary code. (CVE-2015-0312)
    last seen 2018-09-01
    modified 2018-07-12
    plugin id 81020
    published 2015-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81020
    title Google Chrome < 40.0.2214.93 Flash Player Multiple Remote Code Execution
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201502-02.NASL
    description The remote host is affected by the vulnerability described in GLSA-201502-02 (Adobe Flash Player: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Adobe Flash Player. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, obtain sensitive information or bypass security restrictions. Workaround : There is no known workaround at this time.
    last seen 2018-09-02
    modified 2015-04-13
    plugin id 81225
    published 2015-02-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81225
    title GLSA-201502-02 : Adobe Flash Player: Multiple vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-78.NASL
    description Adobe Flash Player was updated to 11.2.202.440 (bsc#914463, APSA15-01, CVE-2015-0311). More information can be found on https://helpx.adobe.com/security/products/flash-player/apsa15-01.html An update of flashplayer (executable binary) for i386 is currently not available. Disabled!
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 81030
    published 2015-01-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81030
    title openSUSE Security Update : flash-player (openSUSE-SU-2015:0150-1)
  • NASL family Windows
    NASL id FLASH_PLAYER_APSA15-01.NASL
    description According to its version, the Adobe Flash Player installed on the remote Windows host is equal or prior to 16.0.0.287. It is, therefore, affected by the following vulnerabilities : - A use-after-free error exists that allows an attacker to crash the application or execute arbitrary code. (CVE-2015-0311) - A double-free error exists that allows an attacker to crash the application or possibly execute arbitrary code. (CVE-2015-0312)
    last seen 2018-09-01
    modified 2018-07-11
    plugin id 80998
    published 2015-01-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80998
    title Flash Player <= 16.0.0.287 Unspecified Code Execution (APSA15-01 / APSB15-03)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_37A87ADEA59F11E4958E0011D823EEBD.NASL
    description Adobe reports : Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system. We are aware of reports that this vulnerability is being actively exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below.
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 81009
    published 2015-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81009
    title FreeBSD : Adobe Flash Player -- critical vulnerability (37a87ade-a59f-11e4-958e-0011d823eebd)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-81.NASL
    description Adobe Flash Player was updated to 11.2.202.440 (bsc#914463) : - APSA15-01, CVE-2015-0311 - Update of flashplayer (executable binary) for i386 is not available. This binary was disabled. - Security update to 11.2.202.438 (bsc#914333) : - APSB15-02, CVE-2015-0310 - Security update to 11.2.202.429 (bsc#913057) : - APSB15-01, CVE-2015-0301, CVE-2015-0302, CVE-2015-0303, CVE-2015-0304, CVE-2015-0305, CVE-2015-0306, CVE-2015-0307, CVE-2015-0308, CVE-2015-0309. - Disable flash player on machines without SSE2 (bnc#856386). - Remove outdated README and keep only up-to-date readme.txt.
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 81098
    published 2015-01-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81098
    title openSUSE Security Update : flash-player (openSUSE-SU-2015:0174-1)
  • NASL family Windows
    NASL id SMB_KB3035034.NASL
    description The remote host is missing KB3035034. It is, therefore, affected by the following vulnerabilities : - A use-after-free error exists that allows an attacker to crash the application or execute arbitrary code. (CVE-2015-0311) - A double-free error exists that allows an attacker to crash the application or execute arbitrary code. (CVE-2015-0312)
    last seen 2018-11-17
    modified 2018-11-15
    plugin id 81046
    published 2015-01-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81046
    title MS KB3035034: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_FLASH-PLAYER-150127.NASL
    description Adobe Flash Player was updated to version 11.2.202.440 (bsc#914463, APSA15-01, CVE-2015-0311). More information can be found at https://helpx.adobe.com/security/products/flash-player/apsa15-01.html . An update of flashplayer (executable binary) for i386 is currently not available and was thus disabled.
    last seen 2018-09-01
    modified 2015-03-17
    plugin id 81077
    published 2015-01-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81077
    title SuSE 11.3 Security Update : flash-player (SAT Patch Number 10226)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2015-0094.NASL
    description An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB15-02, and APSB15-03, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. (CVE-2015-0310, CVE-2015-0311, CVE-2015-0312) All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.440.
    last seen 2018-12-15
    modified 2018-12-14
    plugin id 81036
    published 2015-01-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81036
    title RHEL 6 : flash-plugin (RHSA-2015:0094)
packetstorm via4
data source https://packetstormsecurity.com/files/download/130788/adobe_flash_uncompress_zlib_uaf.rb.txt
id PACKETSTORM:130788
last seen 2016-12-05
published 2015-03-12
reporter juan vazquez
source https://packetstormsecurity.com/files/130788/Adobe-Flash-Player-ByteArray-UncompressViaZlibVariant-Use-After-Free.html
title Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free
refmap via4
bid 72283
confirm
gentoo GLSA-201502-02
misc http://malware.dontneedcoffee.com/2015/01/unpatched-vulnerability-0day-in-flash.html
sectrack 1031597
secunia
  • 62432
  • 62543
  • 62650
  • 62660
  • 62740
suse
  • SUSE-SU-2015:0151
  • SUSE-SU-2015:0163
the hacker news via4
Last major update 13-02-2015 - 22:00
Published 23-01-2015 - 16:59