New Search

Vulnerability in Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before 16.0.0.287 - CVE-2015-0310

oval:org.cisecurity:def:1254

Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before 16.0.0.287 on Windows and OS X and before 11.2.202.438 on Linux does not properly restrict discovery of memory addresses which allows attackers to bypass the ASLR protection mechanism on Windows and have an unspecified impact on other platforms via unknown vectors as exploited in the wild in January 2015.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 7
  • Microsoft Windows Server 2003
  • Microsoft Windows 8.1
  • Microsoft Windows 10
  • Microsoft Windows Server 2008
  • Microsoft Windows XP
  • Microsoft Windows Vista
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows Server 2012
  • Microsoft Windows 8
Class:
vulnerability
Reference(s):
  • CVE-2015-0310
Product(s):
  • Adobe Flash Player
  • Pepper Flash
  • ActiveX Control