Adobe Flash Player prior to 13.0.0.281 and 14.x up to and including 17.x prior to 17.0.0.169 on Windows and OS X and prior to 11.2.202.457 on Linux allows malicious users to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in April 2015, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, and CVE-2015-3042.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adobe flash_player |
||
adobe flash_player 14.0.0.125 |
||
adobe flash_player 15.0.0.223 |
||
adobe flash_player 15.0.0.239 |
||
adobe flash_player 15.0.0.246 |
||
adobe flash_player 14.0.0.179 |
||
adobe flash_player 15.0.0.152 |
||
adobe flash_player 16.0.0.287 |
||
adobe flash_player 16.0.0.296 |
||
adobe flash_player 15.0.0.167 |
||
adobe flash_player 15.0.0.189 |
||
adobe flash_player 17.0.0.134 |
||
adobe flash_player 14.0.0.145 |
||
adobe flash_player 14.0.0.176 |
||
adobe flash_player 16.0.0.235 |
||
adobe flash_player 16.0.0.257 |
||
novell suse linux enterprise desktop 12.0 |
||
opensuse opensuse 13.2 |
||
opensuse opensuse 13.1 |
||
novell suse linux enterprise desktop 11.0 |
||
novell suse linux enterprise workstation extension 12.0 |
||
redhat enterprise linux server supplementary 6.0 |
||
redhat enterprise linux workstation supplementary 6.0 |
||
redhat enterprise linux desktop supplementary 5.0 |
||
redhat enterprise linux desktop supplementary 6.0 |
||
redhat enterprise linux server supplementary eus 6.6.z |
||
redhat enterprise linux supplementary 5.0 |
Operation RussianDoll smelled like Russian miscreants, say infosec bods
A hacking group probably backed by Russia has been making use of two zero-day exploits to target foreign governments. The so-called "Operation RussianDoll" attackers used zero-day exploits in Adobe Flash and Windows to target a specific foreign government organisation. Security firm FireEye says the pattern of the attacks fits those of the recently exposed APT 28 cyberspies, making the group the most likely culprits for the latest attack. The highly complex attack featuring used two zero-days to...
Patch now before someone writes exploits for these bugs
Microsoft has delivered its latest monthly batch of security updates to address flaws in Windows, Office and Internet Explorer. Redmond's latest Patch Tuesday payload includes 11 bulletins, four of which are rated critical as they allow attackers to execute malicious code on victims' computers from across the internet. The full list is as follows: Microsoft thanks those who reported the aforementioned programming blunders, right here. One of the security updates for Internet Explorer 11 also dis...