CVE-2015-5130
Summary
| CVE | CVE-2015-5130 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2015-08-14 01:59:00 UTC |
| Updated | 2018-01-05 02:30:00 UTC |
| Description | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-5127, CVE-2015-5134, CVE-2015-5539, CVE-2015-5540, CVE-2015-5550, CVE-2015-5551, CVE-2015-5556, CVE-2015-5557, CVE-2015-5559, CVE-2015-5561, CVE-2015-5563, CVE-2015-5564, and CVE-2015-5565. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Adobe | Air | All | All | All | All |
| Application | Adobe | Air Sdk | All | All | All | All |
| Application | Adobe | Air Sdk Compiler | All | All | All | All |
| Application | Adobe | Air Sdk Compiler | All | All | All | All |
| Application | Adobe | Flash Player | All | All | All | All |
| Application | Adobe | Flash Player | All | All | All | All |
| Operating System | Apple | Mac Os X | - | All | All | All |
| Operating System | Apple | Mac Os X | - | All | All | All |
| Operating System | Linux | Linux Kernel | - | All | All | All |
| Operating System | Linux | Linux Kernel | - | All | All | All |
| Operating System | Microsoft | Windows | - | All | All | All |
| Operating System | Microsoft | Windows | - | All | All | All |
| Operating System | Opensuse | Evergreen | 11.4 | All | All | All |
| Operating System | Opensuse | Evergreen | 11.4 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Adobe Flash Player Buffer Overflows and Memory Corruption Errors Let Remote Users Execute Arbitrary Code - SecurityTracker | SECTRACK | www.securitytracker.com | |
| Document Display | HPE Support Center | CONFIRM | h20566.www2.hpe.com | |
| [security-announce] openSUSE-SU-2015:1781-1: critical: Security update f | SUSE | lists.opensuse.org | Third Party Advisory |
| Document Display | HPE Support Center | CONFIRM | h20566.www2.hpe.com | |
| Adobe Flash AS2 - MovieClip.scrollRect Use-After-Free - Windows dos Exploit | EXPLOIT-DB | www.exploit-db.com | |
| Gentoo Security | GENTOO | security.gentoo.org | |
| Adobe Security Bulletin | CONFIRM | helpx.adobe.com | Patch, Vendor Advisory |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | |
| Document Display | HPE Support Center | CONFIRM | h20566.www2.hpe.com | |
| Adobe Flash Player and AIR APSB15-19 Multiple Use After Free Remote Code Execution Vulnerabilities | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.