OR
     *cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*
     *cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
     *cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*

OR
     *cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:5.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterp

AND
     OR
          *cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:* versions up to (including) 13.0.0.292
          *cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_player:14.0.0.176:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_player:14.0.0.179:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_player:15.0.0.152:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_player:15.0.0.167:*:*:*:*:*:*:*
    

AND
     OR
          *cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:* versions from (including) 13.0.0.182 up to (including) 13.0.0296
          *cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:* versions from (including) 14.0.0.125 up to (including) 18.0.0.194
     OR
          cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

NIST CWE-416

NIST CWE-119

http://blog.trendmicro.com/trendlabs-security-intelligence/unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak/ No Types Assigned

http://blog.trendmicro.com/trendlabs-security-intelligence/unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak/ Broken Link

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00015.html No Types Assigned

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00015.html Mailing List, Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00016.html No Types Assigned

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00016.html Mailing List, Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html No Types Assigned

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html Mailing List, Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00018.html No Types Assigned

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00018.html Mailing List, Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-1214.html No Types Assigned

http://rhn.redhat.com/errata/RHSA-2015-1214.html Third Party Advisory

http://twitter.com/w3bd3vil/statuses/618168863708962816 No Types Assigned

http://twitter.com/w3bd3vil/statuses/618168863708962816 Broken Link

http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_hacking_team_uaf No Types Assigned

http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_hacking_team_uaf Third Party Advisory

http://www.securityfocus.com/bid/75568 No Types Assigned

http://www.securityfocus.com/bid/75568 Broken Link, Third Party Advisory, VDB Entry

http://www.securitytracker.com/id/1032809 No Types Assigned

http://www.securitytracker.com/id/1032809 Broken Link, Third Party Advisory, VDB Entry

https://helpx.adobe.com/security/products/flash-player/apsa15-03.html Patch, Vendor Advisory

https://helpx.adobe.com/security/products/flash-player/apsa15-03.html Broken Link, Patch, Vendor Advisory

https://helpx.adobe.com/security/products/flash-player/apsb15-16.html Patch, Vendor Advisory

https://helpx.adobe.com/security/products/flash-player/apsb15-16.html Broken Link, Patch, Vendor Advisory

https://packetstormsecurity.com/files/132600/Adobe-Flash-Player-ByteArray-Use-After-Free.html Exploit

https://packetstormsecurity.com/files/132600/Adobe-Flash-Player-ByteArray-Use-After-Free.html Exploit, Third Party Advisory, VDB Entry

https://security.gentoo.org/glsa/201507-13 No Types Assigned

https://security.gentoo.org/glsa/201507-13 Third Party Advisory

Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a ValueOf function, as exploited in the wild in July 2015.

Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00015.html [No Types Assigned]

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00016.html [No Types Assigned]

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html [No Types Assigned]

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00018.html [No Types Assigned]

http://rhn.redhat.com/errata/RHSA-2015-1214.html [No Types Assigned]

http://www.securitytracker.com/id/1032809 [No Types Assigned]

http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_hacking_team_uaf [No Types Assigned]

https://security.gentoo.org/glsa/201507-13 [No Types Assigned]

Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a ValueOf function, as exploited in the wild in July 2015.

Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.

http://www.securityfocus.com/bid/75568 [No Types Assigned]

http://www.us-cert.gov/ncas/alerts/TA15-195A US Govt Resource

http://www.us-cert.gov/ncas/alerts/TA15-195A Advisory, US Govt Resource

http://www.us-cert.gov/ncas/alerts/TA15-195A

Configuration 1
     AND
          OR
               *cpe:2.3:a:adobe:flash_player:11.2.202.468:*:*:*:*:*:*:* (and previous)
          OR
               cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Configuration 2
     AND
          OR
               *cpe:2.3:a:adobe:flash_player:13.0.0.292:*:*:*:*:*:*:* (and previous)
               *cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*
               *cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*
               *cpe:2.3:a:adobe:flash_p

Configuration 1
     AND
          OR
               *cpe:2.3:a:adobe:flash_player:13.0.0.292:*:*:*:*:*:*:* (and previous)
               *cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*
               *cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*
               *cpe:2.3:a:adobe:flash_player:14.0.0.176:*:*:*:*:*:*:*
               *cpe:2.3:a:adobe:flash_player:14.0.0.179:*:*:*:*:*:*:*
               *cpe:2.3:a:adobe:flash_player:15.0.0.152:*:*:*:*:*:*:*
               *cpe:2.3:a:a

https://helpx.adobe.com/security/products/flash-player/apsb15-16.html No Types Assigned

https://helpx.adobe.com/security/products/flash-player/apsb15-16.html Advisory, Patch

https://helpx.adobe.com/security/products/flash-player/apsb15-16.html

Configuration 1
     AND
          OR
               *cpe:2.3:a:adobe:flash_player:11.2.202.468:*:*:*:*:*:*:* (and previous)
          OR
               cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Configuration 2
     AND
          OR
               *cpe:2.3:a:adobe:flash_player:13.0.0.292:*:*:*:*:*:*:* (and previous)
               *cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*
               *cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*
               *cpe:2.3:a:adobe:flash_p

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

CWE-119

http://www.kb.cert.org/vuls/id/561288 US Govt Resource

http://www.kb.cert.org/vuls/id/561288 Advisory, US Govt Resource

https://helpx.adobe.com/security/products/flash-player/apsa15-03.html No Types Assigned

https://helpx.adobe.com/security/products/flash-player/apsa15-03.html Advisory, Patch

https://packetstormsecurity.com/files/132600/Adobe-Flash-Player-ByteArray-Use-After-Free.html No Types Assigned

https://packetstormsecurity.com/files/132600/Adobe-Flash-Player-ByteArray-Use-After-Free.html Exploit