CVE-2015-5122

{"id": "CVE-2015-5122", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2015-07-14T10:59:00.213", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "psirt@adobe.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "psirt@adobe.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "psirt@adobe.com"}, {"url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2", "tags": ["Mailing List", "Third Party Advisory"], "source": "psirt@adobe.com"}, {"url": "http://packetstormsecurity.com/files/132663/Adobe-Flash-opaqueBackground-Use-After-Free.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "psirt@adobe.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1235.html", "tags": ["Third Party Advisory"], "source": "psirt@adobe.com"}, {"url": "http://www.kb.cert.org/vuls/id/338736", "tags": ["Third Party Advisory", "US Government Resource"], "source": "psirt@adobe.com"}, {"url": "http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_opaque_background_uaf", "tags": ["Third Party Advisory"], "source": "psirt@adobe.com"}, {"url": "http://www.securityfocus.com/bid/75712", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "psirt@adobe.com"}, {"url": "http://www.securitytracker.com/id/1032890", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "psirt@adobe.com"}, {"url": "http://www.us-cert.gov/ncas/alerts/TA15-195A", "tags": ["Third Party Advisory", "US Government Resource"], "source": "psirt@adobe.com"}, {"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784", "tags": ["Broken Link", "Third Party Advisory"], "source": "psirt@adobe.com"}, {"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784", "tags": ["Broken Link", "Third Party Advisory"], "source": "psirt@adobe.com"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467", "tags": ["Third Party Advisory"], "source": "psirt@adobe.com"}, {"url": "https://helpx.adobe.com/security/products/flash-player/apsa15-04.html", "tags": ["Broken Link", "Vendor Advisory"], "source": "psirt@adobe.com"}, {"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-18.html", "tags": ["Broken Link", "Vendor Advisory"], "source": "psirt@adobe.com"}, {"url": "https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/", "tags": ["Broken Link", "Third Party Advisory"], "source": "psirt@adobe.com"}, {"url": "https://perception-point.io/new/breaking-cfi.php", "tags": ["Broken Link", "Third Party Advisory"], "source": "psirt@adobe.com"}, {"url": "https://security.gentoo.org/glsa/201508-01", "tags": ["Third Party Advisory"], "source": "psirt@adobe.com"}, {"url": "https://www.exploit-db.com/exploits/37599/", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "psirt@adobe.com"}, {"url": "https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html", "tags": ["Broken Link", "Third Party Advisory"], "source": "psirt@adobe.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://packetstormsecurity.com/files/132663/Adobe-Flash-opaqueBackground-Use-After-Free.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1235.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/338736", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_opaque_background_uaf", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/75712", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1032890", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.us-cert.gov/ncas/alerts/TA15-195A", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784", "tags": ["Broken Link", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784", "tags": ["Broken Link", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://helpx.adobe.com/security/products/flash-player/apsa15-04.html", "tags": ["Broken Link", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://helpx.adobe.com/security/products/flash-player/apsb15-18.html", "tags": ["Broken Link", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/", "tags": ["Broken Link", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://perception-point.io/new/breaking-cfi.php", "tags": ["Broken Link", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.gentoo.org/glsa/201508-01", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.exploit-db.com/exploits/37599/", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html", "tags": ["Broken Link", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-416"}]}], "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015."}, {"lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n descubierta en la implementaci\u00f3n de la clase DisplayObject en el ActionScript (AS3) en Adobe Flash Player 13.x hasta 13.0.0.302 en Windows y en OS X, 14.x hasta 18.0.0.203 en Windows y en OS X, 11.x hasta 11.2.202.481 en Linux, y en 12.x hasta 18.0.0.204 en las intalaciones de Google Chorme en Linux permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) hasta contenido Flash manipulado que aprovecha el manejo inadecuado de la propiedad opaqueBackground, tal y como fue utilizado activamente en julio de 2015."}], "lastModified": "2024-11-21T02:32:24.423", "cisaActionDue": "2022-05-04", "cisaExploitAdd": "2022-04-13", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:*", "vulnerable": true, "matchCriteriaId": "17769E33-3CBA-475B-8CC6-263F38B548DD", "versionEndIncluding": "13.0.0.302", "versionStartIncluding": "13.0"}, {"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "vulnerable": true, "matchCriteriaId": "31C75D4E-31EC-4889-8DAF-559B9FECBBB7", "versionEndIncluding": "18.0.0.203", "versionStartIncluding": "18.0"}, {"criteria": "cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71F9E1A3-B61E-4949-86B0-C252943072ED", "versionEndIncluding": "18.0.0.203", "versionStartIncluding": "18.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:chrome:*:*", "vulnerable": true, "matchCriteriaId": "F160BA87-34AD-4E34-8605-EDE5048CF618", "versionEndIncluding": "18.0.0.204", "versionStartIncluding": "18.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_10:*:*", "vulnerable": true, "matchCriteriaId": "672576D9-06C2-4564-9853-7E6991E30710", "versionEndIncluding": "18.0.0.203", "versionStartIncluding": "18.0"}, {"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:internet_explorer_11:*:*", "vulnerable": true, "matchCriteriaId": "E72C2D81-2088-482F-9BD3-D11A205D53CD", "versionEndIncluding": "18.0.0.203", "versionStartIncluding": "18.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0D229E41-A971-4284-9657-16D78414B93F"}, {"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "638F2736-01BF-4AF8-9215-C1E81B1DC9EE", "versionEndIncluding": "11.2.202.481", "versionStartIncluding": "11.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C18E3368-8980-45D2-AD3F-5BF385ABA693"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCE4D64E-8C4B-4F21-A9B0-90637C85C1D0"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17D4B6F2-514D-4BC2-B2C5-4E2FCCAC594C"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1EB0F28-F23A-4969-8A3E-66DA2EFA40C3"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9DFA18B6-2642-470A-A350-68947529EE5D"}], "operator": "OR"}]}], "evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/416.html\" rel=\"nofollow\">CWE-416: Use After Free</a>", "sourceIdentifier": "psirt@adobe.com", "cisaRequiredAction": "The impacted product is end-of-life and should be disconnected if still in use.", "cisaVulnerabilityName": "Adobe Flash Player Use-After-Free Vulnerability"}