CVE-2015-3088 — Vulnetix

Try Vulnetix Request Demo

CVE-2015-3088 PUBLISHED

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allows attackers to execute arbitrary code via unspecified vectors.

EPSS 79.45% · 99.1th percentile

Risk Scores

EPSS Score

79.45%

99.1th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:14.04:LTS	flashplugin-nonfree	0, 11.2.202.310ubuntu1, 11.2.202.327ubuntu0.13.10.1

Timeline

May 13, 2015 CVE Published
Aug 19, 2015 PoC Published
Feb 4, 2022 EPSS Score
Feb 24, 2023 EPSS Score
Apr 6, 2023 EPSS Score
Jun 12, 2023 EPSS Score
Nov 6, 2024 EPSS Score
Dec 17, 2024 EPSS Score
Mar 20, 2025 EPSS Score
Mar 21, 2025 EPSS Score
Mar 24, 2025 EPSS Score
Mar 25, 2025 EPSS Score

References

https://ubuntu.com/security/CVE-2015-3088 third-party-advisory
https://helpx.adobe.com/security/products/flash-player/apsb15-09.html third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2015-3088 third-party-advisory

Open in Interactive Console →