CVE-2015-0313

KEV

Published: Feb 02, 2015 Last Modified: Nov 17, 2025

ExploitDB:

Other exploit source:

Google Dorks:

CRITICAL 9,8

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

HIGH 10,0

Source: [email protected]

Access Vector: network

Access Complexity: low

Authentication: none

Confidentiality: complete

Integrity: complete

Availability: complete

Description

AI Translation Available

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,9327

Percentile

1,0th

Updated

EPSS Score Trend (Last 90 Days)

416

Use After Free

Stable

Abstraction: Variant Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Availability Confidentiality

Potential Impacts:

Modify Memory Dos: Crash, Exit, Or Restart Execute Unauthorized Code Or Commands

Applicable Platforms

Languages: C, C++, Memory-Unsafe

Likelihood of Exploit: High

View CWE Details

Exploit

Adobe Flash Player - Arbitrary Code Execution

Author: SecurityObscurity Published:

View Exploit Code →

Exploit

Adobe Flash Player - ByteArray With Workers Use-After-Free …

Verified Metasploit Framework (MSF)

Adobe Flash Player - ByteArray With Workers Use-After-Free (Metasploit)

Author: Metasploit Published: Status: Verified

View Exploit Code →

Operating System

Linux Enterprise Workstation Extension by Suse

Product Information

Vendor Suse

Product Linux Enterprise Workstation Extension

Version 12

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Opensuse by Opensuse

Product Information

Vendor Opensuse

Product Opensuse

Version 13.2

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Linux Enterprise Desktop by Suse

Product Information

Vendor Suse

Product Linux Enterprise Desktop

Version 11

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Edge by Microsoft

Product Information

Vendor Microsoft

Product Edge

Version -

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:microsoft:edge:-:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Flash Player by Adobe

Product Information

Vendor Adobe

Product Flash Player

Version Range Affected

From 14.0.0.125 (inclusive)

To 16.0.0.305 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Flash Player by Adobe

Product Information

Vendor Adobe

Product Flash Player

Version Range Affected

To 11.2.202.442 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Opensuse by Opensuse

Product Information

Vendor Opensuse

Product Opensuse

Version 13.1

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Evergreen by Opensuse

Product Information

Vendor Opensuse

Product Evergreen

Version 11.4

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Operating System

Linux Enterprise Desktop by Suse

Product Information

Vendor Suse

Product Linux Enterprise Desktop

Version 12

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Internet Explorer by Microsoft

Product Information

Vendor Microsoft

Product Internet Explorer

Version 10

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Internet Explorer by Microsoft

Product Information

Vendor Microsoft

Product Internet Explorer

Version 11

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:microsoft:internet_explorer:11:-:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

Application

Flash Player by Adobe

Product Information

Vendor Adobe

Product Flash Player

Version Range Affected

To 13.0.0.269 (exclusive)

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://github.com/cisagov/vulnrichment/issues/196

https://www.cisa.gov/known-exploited-vulnerabilities-catalo…

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015…

http://lists.opensuse.org/opensuse-security-announce/2015-0…

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2015-0…

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00007.html

http://lists.opensuse.org/opensuse-security-announce/2015-0…

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00008.html

http://lists.opensuse.org/opensuse-security-announce/2015-0…

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00009.html

http://packetstormsecurity.com/files/131189/Adobe-Flash-Pla…

http://packetstormsecurity.com/files/131189/Adobe-Flash-Player-ByteArray-With-W…

http://secunia.com/advisories/62528

http://secunia.com/advisories/62777

http://secunia.com/advisories/62895

https://exchange.xforce.ibmcloud.com/vulnerabilities/100641

https://helpx.adobe.com/security/products/flash-player/apsa…

https://helpx.adobe.com/security/products/flash-player/apsa15-02.html

https://helpx.adobe.com/security/products/flash-player/apsb…

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

https://technet.microsoft.com/library/security/2755801

https://www.exploit-db.com/exploits/36579/

http://www.osvdb.org/117853

http://www.securityfocus.com/bid/72429

http://www.securitytracker.com/id/1031686

http://lists.opensuse.org/opensuse-security-announce/2015-0…

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2015-0…

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00007.html

http://lists.opensuse.org/opensuse-security-announce/2015-0…

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00008.html

http://lists.opensuse.org/opensuse-security-announce/2015-0…

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00009.html

http://packetstormsecurity.com/files/131189/Adobe-Flash-Pla…

http://packetstormsecurity.com/files/131189/Adobe-Flash-Player-ByteArray-With-W…

http://secunia.com/advisories/62528

http://secunia.com/advisories/62777

http://secunia.com/advisories/62895

https://exchange.xforce.ibmcloud.com/vulnerabilities/100641

https://helpx.adobe.com/security/products/flash-player/apsa…

https://helpx.adobe.com/security/products/flash-player/apsa15-02.html

https://helpx.adobe.com/security/products/flash-player/apsb…

https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

https://technet.microsoft.com/library/security/2755801

https://www.exploit-db.com/exploits/36579/

http://www.osvdb.org/117853

http://www.securityfocus.com/bid/72429

http://www.securitytracker.com/id/1031686

CVE-2015-0313

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 90 Days)

Use After Free

Common Consequences

Applicable Platforms

Adobe Flash Player - Arbitrary Code Execution

Adobe Flash Player - ByteArray With Workers Use-After-Free …

Linux Enterprise Workstation Extension by Suse

Product Information

Opensuse by Opensuse

Product Information

Linux Enterprise Desktop by Suse

Product Information

Edge by Microsoft

Product Information

Flash Player by Adobe

Product Information

Flash Player by Adobe

Product Information

Opensuse by Opensuse

Product Information

Evergreen by Opensuse

Product Information

Linux Enterprise Desktop by Suse

Product Information

Internet Explorer by Microsoft

Product Information

Internet Explorer by Microsoft

Product Information

Flash Player by Adobe

Product Information

Iscriviti alla newsletter