CVE-2015-5122 - Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation i

CVE-2015-5122

Summary

Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.

References

Vulnerable Configurations

cpe:2.3:a:adobe:flash_player:13.0:*:*:*:esr:*:*:*
cpe:2.3:a:adobe:flash_player:13.0:*:*:*:esr:*:*:*
cpe:2.3:a:adobe:flash_player:13.0.0.302:*:*:*:esr:*:*:*
cpe:2.3:a:adobe:flash_player:13.0.0.302:*:*:*:esr:*:*:*
cpe:2.3:a:adobe:flash_player:18.0:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:18.0:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:18.0.0.203:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:18.0.0.203:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:18.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:18.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:18.0.0.203:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player_desktop_runtime:18.0.0.203:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:18.0.0.204:*:*:*:*:chrome:*:*
cpe:2.3:a:adobe:flash_player:18.0.0.204:*:*:*:*:chrome:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:18.0:*:*:*:*:internet_explorer_10:*:*
cpe:2.3:a:adobe:flash_player:18.0:*:*:*:*:internet_explorer_10:*:*
cpe:2.3:a:adobe:flash_player:18.0.0.203:*:*:*:*:internet_explorer_10:*:*
cpe:2.3:a:adobe:flash_player:18.0.0.203:*:*:*:*:internet_explorer_10:*:*
cpe:2.3:a:adobe:flash_player:18.0:*:*:*:*:internet_explorer_11:*:*
cpe:2.3:a:adobe:flash_player:18.0:*:*:*:*:internet_explorer_11:*:*
cpe:2.3:a:adobe:flash_player:18.0.0.203:*:*:*:*:internet_explorer_11:*:*
cpe:2.3:a:adobe:flash_player:18.0.0.203:*:*:*:*:internet_explorer_11:*:*
cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.0:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.0.1.152:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.0.1.152:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.0.1.152:*:*:*:*:*:x64:*
cpe:2.3:a:adobe:flash_player:11.0.1.152:*:*:*:*:*:x64:*
cpe:2.3:a:adobe:flash_player:11.0.1.153:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.0.1.153:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.102.55:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.102.55:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.102.55:*:*:*:*:*:x64:*
cpe:2.3:a:adobe:flash_player:11.1.102.55:*:*:*:*:*:x64:*
cpe:2.3:a:adobe:flash_player:11.1.102.59:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.102.59:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.102.62:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.102.62:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.102.63:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.102.63:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.8:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.8:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.9:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.9:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.13:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.13:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.44:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.44:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.50:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.50:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.54:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.54:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.64:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.64:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.73:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.111.73:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.7:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.7:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.8:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.8:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.34:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.34:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.48:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.48:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.54:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.54:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.58:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.58:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.59:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.59:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.63:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.63:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.69:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.69:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.81:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.1.115.81:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.223:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.223:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.228:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.228:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.229:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.229:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.233:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.233:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.235:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.235:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.236:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.236:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.238:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.238:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.243:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.243:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.251:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.251:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.258:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.258:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.261:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.261:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.262:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.262:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.270:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.270:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.273:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.273:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.275:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.275:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.280:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.280:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.285:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.285:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.291:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.291:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.297:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.297:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.310:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.310:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.327:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.327:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.332:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.332:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.335:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.335:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.336:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.336:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.341:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.341:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.346:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.346:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.350:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.350:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.356:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.356:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.359:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.359:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.378:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.378:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.394:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.394:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.400:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.400:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.406:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.406:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.411:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.411:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.418:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.418:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.424:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.424:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.425:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.425:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.429:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.429:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.438:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.438:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.440:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.440:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.442:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.442:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.451:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.451:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.457:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.457:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.460:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.460:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.466:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.466:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.468:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.468:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.475:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.475:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.481:*:*:*:*:*:*:*
cpe:2.3:a:adobe:flash_player:11.2.202.481:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 02-07-2024 - 17:42)
Impact:
Exploitability:

CWE

CWE-416

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

redhat via4

advisories

rhsa

id	RHSA-2015:1235

rpms

flash-plugin-0:11.2.202.491-1.el5
flash-plugin-0:11.2.202.491-1.el6_6

refmap via4

bid	75712
cert	TA15-195A
cert-vn	VU#338736
confirm	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467 https://helpx.adobe.com/security/products/flash-player/apsa15-04.html https://helpx.adobe.com/security/products/flash-player/apsb15-18.html
exploit-db	37599
gentoo	GLSA-201508-01
hp	HPSBHF03509 HPSBMU03409 SSRT102253
misc	http://packetstormsecurity.com/files/132663/Adobe-Flash-opaqueBackground-Use-After-Free.html http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_opaque_background_uaf https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/ https://perception-point.io/new/breaking-cfi.php https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html
sectrack	1032890
suse	SUSE-SU-2015:1255 SUSE-SU-2015:1258 openSUSE-SU-2015:1267

Last major update

02-07-2024 - 17:42

Published

14-07-2015 - 10:59

Last modified

02-07-2024 - 17:42