National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2015-5122 Detail

Description

Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.

Source:  MITRE
Description Last Modified:  07/14/2015

Evaluator Description

CWE-416: Use After Free

Impact

CVSS v2.0 Severity and Metrics:

Base Score: 10.0 HIGH
Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C) (V2 legend)
Impact Subscore: 10.0
Exploitability Subscore: 10.0


Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (AU): None
Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Additional Information:
Allows unauthorized disclosure of information
Allows unauthorized modification
Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html
http://marc.info/?l=bugtraq&m=144050155601375&w=2
http://packetstormsecurity.com/files/132663/Adobe-Flash-opaqueBackground-Use-After-Free.html
http://rhn.redhat.com/errata/RHSA-2015-1235.html
http://www.kb.cert.org/vuls/id/338736 Third Party Advisory US Government Resource
http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_opaque_background_uaf
http://www.securityfocus.com/bid/75712
http://www.securitytracker.com/id/1032890
http://www.us-cert.gov/ncas/alerts/TA15-195A US Government Resource
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467
https://helpx.adobe.com/security/products/flash-player/apsa15-04.html Vendor Advisory
https://helpx.adobe.com/security/products/flash-player/apsb15-18.html
https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/
https://perception-point.io/new/breaking-cfi.php
https://security.gentoo.org/glsa/201508-01
https://www.exploit-db.com/exploits/37599/
https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html

Technical Details

Vulnerability Type (View All)

Vulnerable software and versions Switch to CPE 2.3

Configuration 1
AND
OR
cpe:/a:adobe:flash_player:13.0.0.182
cpe:/a:adobe:flash_player:13.0.0.201
cpe:/a:adobe:flash_player:13.0.0.206
cpe:/a:adobe:flash_player:13.0.0.214
cpe:/a:adobe:flash_player:13.0.0.223
cpe:/a:adobe:flash_player:13.0.0.231
cpe:/a:adobe:flash_player:13.0.0.241
cpe:/a:adobe:flash_player:13.0.0.244
cpe:/a:adobe:flash_player:13.0.0.250
cpe:/a:adobe:flash_player:13.0.0.257
cpe:/a:adobe:flash_player:13.0.0.258
cpe:/a:adobe:flash_player:13.0.0.259
cpe:/a:adobe:flash_player:13.0.0.260
cpe:/a:adobe:flash_player:13.0.0.262
cpe:/a:adobe:flash_player:13.0.0.264
cpe:/a:adobe:flash_player:13.0.0.289
cpe:/a:adobe:flash_player:13.0.0.292
cpe:/a:adobe:flash_player:13.0.0.302
cpe:/a:adobe:flash_player:14.0.0.125
cpe:/a:adobe:flash_player:14.0.0.145
cpe:/a:adobe:flash_player:14.0.0.176
cpe:/a:adobe:flash_player:14.0.0.179
cpe:/a:adobe:flash_player:15.0.0.152
cpe:/a:adobe:flash_player:15.0.0.167
cpe:/a:adobe:flash_player:15.0.0.189
cpe:/a:adobe:flash_player:15.0.0.223
cpe:/a:adobe:flash_player:15.0.0.239
cpe:/a:adobe:flash_player:15.0.0.246
cpe:/a:adobe:flash_player:16.0.0.235
cpe:/a:adobe:flash_player:16.0.0.257
cpe:/a:adobe:flash_player:16.0.0.287
cpe:/a:adobe:flash_player:16.0.0.296
cpe:/a:adobe:flash_player:17.0.0.134
cpe:/a:adobe:flash_player:17.0.0.169
cpe:/a:adobe:flash_player:17.0.0.188
cpe:/a:adobe:flash_player:17.0.0.190
cpe:/a:adobe:flash_player:18.0.0.160
cpe:/a:adobe:flash_player:18.0.0.194
cpe:/a:adobe:flash_player:18.0.0.203
OR
cpe:/o:apple:mac_os_x:-
cpe:/o:microsoft:windows:-
Configuration 2
AND
OR
cpe:/a:adobe:flash_player:11.0.1.153
cpe:/a:adobe:flash_player:11.1
cpe:/a:adobe:flash_player:11.1.102.59
cpe:/a:adobe:flash_player:11.1.102.62
cpe:/a:adobe:flash_player:11.1.102.63
cpe:/a:adobe:flash_player:11.1.111.8
cpe:/a:adobe:flash_player:11.1.111.44
cpe:/a:adobe:flash_player:11.1.111.50
cpe:/a:adobe:flash_player:11.1.111.54
cpe:/a:adobe:flash_player:11.1.111.64
cpe:/a:adobe:flash_player:11.1.111.73
cpe:/a:adobe:flash_player:11.1.115.7
cpe:/a:adobe:flash_player:11.1.115.34
cpe:/a:adobe:flash_player:11.1.115.48
cpe:/a:adobe:flash_player:11.1.115.54
cpe:/a:adobe:flash_player:11.1.115.58
cpe:/a:adobe:flash_player:11.1.115.59
cpe:/a:adobe:flash_player:11.1.115.63
cpe:/a:adobe:flash_player:11.1.115.69
cpe:/a:adobe:flash_player:11.1.115.81
cpe:/a:adobe:flash_player:11.2.202.223
cpe:/a:adobe:flash_player:11.2.202.228
cpe:/a:adobe:flash_player:11.2.202.233
cpe:/a:adobe:flash_player:11.2.202.235
cpe:/a:adobe:flash_player:11.2.202.236
cpe:/a:adobe:flash_player:11.2.202.238
cpe:/a:adobe:flash_player:11.2.202.243
cpe:/a:adobe:flash_player:11.2.202.251
cpe:/a:adobe:flash_player:11.2.202.258
cpe:/a:adobe:flash_player:11.2.202.261
cpe:/a:adobe:flash_player:11.2.202.262
cpe:/a:adobe:flash_player:11.2.202.270
cpe:/a:adobe:flash_player:11.2.202.273
cpe:/a:adobe:flash_player:11.2.202.275
cpe:/a:adobe:flash_player:11.2.202.280
cpe:/a:adobe:flash_player:11.2.202.285
cpe:/a:adobe:flash_player:11.2.202.291
cpe:/a:adobe:flash_player:11.2.202.297
cpe:/a:adobe:flash_player:11.2.202.310
cpe:/a:adobe:flash_player:11.2.202.327
cpe:/a:adobe:flash_player:11.2.202.332
cpe:/a:adobe:flash_player:11.2.202.335
cpe:/a:adobe:flash_player:11.2.202.336
cpe:/a:adobe:flash_player:11.2.202.341
cpe:/a:adobe:flash_player:11.2.202.346
cpe:/a:adobe:flash_player:11.2.202.350
cpe:/a:adobe:flash_player:11.2.202.356
cpe:/a:adobe:flash_player:11.2.202.359
cpe:/a:adobe:flash_player:11.2.202.378
cpe:/a:adobe:flash_player:11.2.202.394
cpe:/a:adobe:flash_player:11.2.202.411
cpe:/a:adobe:flash_player:11.2.202.424
cpe:/a:adobe:flash_player:11.2.202.425
cpe:/a:adobe:flash_player:11.2.202.429
cpe:/a:adobe:flash_player:11.2.202.438
cpe:/a:adobe:flash_player:11.2.202.440
cpe:/a:adobe:flash_player:11.2.202.442
cpe:/a:adobe:flash_player:11.2.202.451
cpe:/a:adobe:flash_player    versions up to (including) 11.2.202.468
cpe:/a:adobe:flash_player    versions up to (including) 18.0.0.204
Showing 100 of 102 CPEs, view all CPEs here.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

15 change records found - show changes

Quick Info

CVE Dictionary Entry:
CVE-2015-5122
NVD Published Date:
07/14/2015
NVD Last Modified:
11/23/2018