Heap-based buffer overflow in Adobe Flash Player prior to 13.0.0.296 and 14.x up to and including 18.x prior to 18.0.0.194 on Windows and OS X and prior to 11.2.202.468 on Linux allows remote malicious users to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
adobe flash_player 14.0.0.176 |
||
adobe flash_player 14.0.0.179 |
||
adobe flash_player 16.0.0.257 |
||
adobe flash_player 16.0.0.287 |
||
adobe flash_player |
||
adobe flash_player 15.0.0.189 |
||
adobe flash_player 15.0.0.223 |
||
adobe flash_player 15.0.0.239 |
||
adobe flash_player 17.0.0.169 |
||
adobe flash_player 17.0.0.188 |
||
adobe flash_player 14.0.0.125 |
||
adobe flash_player 14.0.0.145 |
||
adobe flash_player 15.0.0.246 |
||
adobe flash_player 16.0.0.235 |
||
adobe flash_player 18.0.0.161 |
||
adobe flash_player 15.0.0.152 |
||
adobe flash_player 15.0.0.167 |
||
adobe flash_player 16.0.0.296 |
||
adobe flash_player 17.0.0.134 |
CVE-2015-3113: Patch or pay.
Attackers have added a recent dangerous Adobe vulnerability to the Magnitude exploit kit, according to respected independent malware researcher "Kafeine". The remote code execution vulnerability (CVE-2015-3113) revealed last week allows attackers to hijack un-patched machines targeting Internet Explorer on Windows 7 and XP. Web villains designated APT 3 by FireEye sleuths are already exploiting the flaw through phishing attacks. Now the researcher known as Kafeine says the vulnerability has been...
Patch now, or just dump the thing
Adobe is advising users and administrators to patch its Flash Player after yet another remote-code execution vulnerability was discovered in the plugin. The patch fixes bug CVE-2015-3113, which allows attackers to take control of a system if it opens a malicious Flash file. Miscreants are exploiting the flaw in the wild to hijack PCs, targeting Internet Explorer on Windows 7 and Firefox on Windows XP. Adobe credited researchers at FireEye in spotting and reporting the flaw. Miscreants are appare...