Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2015-3105

Published: 10/06/2015 Updated: 31/12/2016
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Adobe

Vulnerability Summary

Adobe Flash Player prior to 13.0.0.292 and 14.x up to and including 18.x prior to 18.0.0.160 on Windows and OS X and prior to 11.2.202.466 on Linux, Adobe AIR prior to 18.0.0.144 on Windows and prior to 18.0.0.143 on OS X and Android, Adobe AIR SDK prior to 18.0.0.144 on Windows and prior to 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler prior to 18.0.0.144 on Windows and prior to 18.0.0.143 on OS X allow malicious users to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Vulnerable Product Search on Vulmon Subscribe to Product

adobe flash_player

adobe flash_player 15.0.0.223

adobe flash_player 15.0.0.239

adobe flash_player 17.0.0.169

adobe flash_player 17.0.0.188

adobe flash_player 14.0.0.176

adobe flash_player 14.0.0.179

adobe flash_player 16.0.0.257

adobe flash_player 16.0.0.287

adobe flash_player 14.0.0.125

adobe flash_player 14.0.0.145

adobe flash_player 15.0.0.246

adobe flash_player 16.0.0.235

adobe flash_player 15.0.0.152

adobe flash_player 15.0.0.167

adobe flash_player 15.0.0.189

adobe flash_player 16.0.0.296

adobe flash_player 17.0.0.134

adobe air_sdk

adobe air

adobe air_sdk_\\&_compiler

google android

Vendor Advisories

Red Hat: CVE-2015-3105
Adobe Flash Player before 1300292 and 14x through 18x before 1800160 on Windows and OS X and before 112202466 on Linux, Adobe AIR before 1800144 on Windows and before 1800143 on OS X and Android, Adobe AIR SDK before 1800144 on Windows and before 1800143 on OS X, and Adobe AIR SDK & Compiler before 1800144 on Windows a ...

Exploits

Exploit DB: Adobe Flash Player - Drawing Fill Shader Memory Corruption (Metasploit)
## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = GreatRanking include Msf::Exploit::Remote::BrowserExploitServer def initialize(info={}) super(update_info(info, 'Name' ...
Exploit DB: Adobe Flash Player Drawing Fill Shader Memory Corruption
This Metasploit module exploits a memory corruption happening when applying a Shader as a drawing fill as exploited in the wild on June 2015 This Metasploit module has been tested successfully on: Windows 7 SP1 (32-bit), IE11 and Adobe Flash 1700188, Windows 7 SP1 (32-bit), Firefox 3805 and Adobe Flash 1700188, Windows 81, Firefox 3805 ...

Github Repositories

https://github.com/HaifeiLi/HardenFlash

Patching Flash binary to stop Flash exploits and zero-days

#HardenFlash - Patching Flash binary to stop Flash exploits and zero-days Introduction You probably know how bad it is for Flash security Five years ago we often heard of Flash-based zero-day attacks, 5 years later we are still facing the same situation (or even worse since we are in the "APT" era now) In Feb 2013, the author revealed the aka "Vector Spray&q

https://github.com/Xattam1/Adobe-Flash-Exploits_17-18

Converted Metasploit exploits for Adobe Flash vulnerabilities CVE-2015-3090, CVE-2015-3105, CVE-2015-5119, and CVE-2015-5122 to a Python3 script.

Adobe Flash Exploits CVE-2015-3090, CVE-2015-3105, CVE-2015-5119, and CVE-2015-5122 Python3 Script Converted Metasploit exploits for Adobe Flash vulnerabilities CVE-2015-3090, CVE-2015-3105, CVE-2015-5119, and CVE-2015-5122 to a Python3 script Information This script will host a web server that can exploit one of the following Adobe Flash vulnerabilities at a time: CVE-2015-3

https://github.com/Xattam1/Adobe-Flash-Exploits_CVE-2015-3090_CVE-2015-3105_CVE-2015-5119_CVE-2015-5122

Converted Metasploit exploits for Adobe Flash vulnerabilities CVE-2015-3090, CVE-2015-3105, CVE-2015-5119, and CVE-2015-5122 to a Python3 script.

Adobe Flash Exploits CVE-2015-3090, CVE-2015-3105, CVE-2015-5119, and CVE-2015-5122 Python3 Script Converted Metasploit exploits for Adobe Flash vulnerabilities CVE-2015-3090, CVE-2015-3105, CVE-2015-5119, and CVE-2015-5122 to a Python3 script Information This script will host a web server that can exploit one of the following Adobe Flash vulnerabilities at a time: CVE-2015-3

References

CWE-119https://helpx.adobe.com/security/products/flash-player/apsb15-11.htmlhttp://www.securityfocus.com/bid/75086https://security.gentoo.org/glsa/201506-01http://www.securitytracker.com/id/1032519http://rhn.redhat.com/errata/RHSA-2015-1086.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-06/msg00011.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-06/msg00009.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-06/msg00005.htmlhttps://nvd.nist.govhttps://github.com/HaifeiLi/HardenFlashhttps://www.exploit-db.com/exploits/37448/https://access.redhat.com/security/cve/cve-2015-3105
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298CVE-2024-20356CVE-2023-21987CVE-2024-33217bypassCVE-2024-31804CVE-2024-32660unauthorizedSSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook