VDB
CVE-2015-0310
CVE-2015-0310
PUBLISHED
KEV
Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before 16.0.0.287 on Windows and OS X and before 11.2.202.438 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism on Windows, and have an unspecified impact on other platforms, via unknown vectors, as exploited in the wild in January 2015.
EPSS 10.11% · 93.2th percentile
Risk Scores
EPSS Score
10.11%
93.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:14.04:LTS | flashplugin-nonfree | 0, 11.2.202.310ubuntu1, 11.2.202.327ubuntu0.13.10.1 |
Exploit Intelligence
- Out-of-bounds read in RegExp::exec (Adobe Flash) (gpz)
- Out-of-bounds read in RegExp::exec (Adobe Flash) (gpz)
- Out-of-bounds read in RegExp::exec (Adobe Flash) (gpz)
- Out-of-bounds read in RegExp::exec (Adobe Flash) (gpz)
- Out-of-bounds read in RegExp::exec (Adobe Flash) (gpz)
- Out-of-bounds read in RegExp::exec (Adobe Flash) (gpz)
- kev.json (github-poc)
- kev.json (github-poc)
- kev.json (github-poc)
- kev.json (github-poc)
…and 6 more exploits
Timeline
- Jan 22, 2015 PoC Published
- Jan 23, 2015 CVE Published
- Feb 4, 2022 EPSS Score
- May 20, 2022 EPSS Score
- May 25, 2022 CISA KEV Added
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 23, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
- Sep 30, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2015-0310 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2015-0310 third-party-advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog third-party-advisory