OR
     *cpe:2.3:o:apple:mac_os:-:*:*:*:*:*:*:*

OR
     *cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:a:adobe:flash_player:*:*:*:*:esr:*:*:* versions from (including) 13.0 up to (including) 13.0.0.302
          *cpe:2.3:a:adobe:flash_player:*:*:*:*:chrome:*:*:* versions from (including) 18.0 up to (including) 18.0.0.203
          *cpe:2.3:a:adobe:flash_player_desktop_runtime:*:*:*:*:*:*:*:* versions from (including) 18.0 up to (including) 18.0.0.203
     OR
          cpe:2.3:o:apple:mac_os:-:*:*:*:*:*:*:*
          cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

OR
     *cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
     *cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:a:adobe:flash_player:13.0.0.182:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_player:13.0.0.201:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_player:13.0.0.206:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_player:13.0.0.214:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_player:13.0.0.223:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_player:13.0.0.231:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_player:13.0.0.241:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_

AND
     OR
          *cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:* versions from (including) 11.0 up to (including) 11.2.202.481
     OR
          cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

AND
     OR
          *cpe:2.3:a:adobe:flash_player:11.0.1.153:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_player:11.1:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_player:11.1.102.59:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_player:11.1.102.62:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_player:11.1.102.63:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_player:11.1.111.8:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_player:11.1.111.44:*:*:*:*:*:*:*
          *cpe:2.3:a:adobe:flash_pl

OR
     *cpe:2.3:o:opensuse:evergreen:11.4:*:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*

CWE-416

NVD-CWE-Other

<a href="http://cwe.mitre.org/data/definitions/416.html">CWE-416: Use After Free</a>

http://blog.trendmicro.com/trendlabs-security-intelligence/new-zero-day-vulnerability-cve-2015-5123-in-adobe-flash-emerges-from-hacking-team-leak/ No Types Assigned

http://blog.trendmicro.com/trendlabs-security-intelligence/new-zero-day-vulnerability-cve-2015-5123-in-adobe-flash-emerges-from-hacking-team-leak/ Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html No Types Assigned

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html Mailing List, Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html No Types Assigned

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html Mailing List, Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html No Types Assigned

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html Mailing List, Third Party Advisory

http://marc.info/?l=bugtraq&m=144050155601375&w=2 No Types Assigned

http://marc.info/?l=bugtraq&m=144050155601375&w=2 Mailing List, Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-1235.html No Types Assigned

http://rhn.redhat.com/errata/RHSA-2015-1235.html Third Party Advisory

http://www.securityfocus.com/bid/75710 No Types Assigned

http://www.securityfocus.com/bid/75710 Third Party Advisory, VDB Entry

http://www.securitytracker.com/id/1032890 No Types Assigned

http://www.securitytracker.com/id/1032890 Third Party Advisory, VDB Entry

http://www.us-cert.gov/ncas/alerts/TA15-195A US Government Resource

http://www.us-cert.gov/ncas/alerts/TA15-195A Third Party Advisory, US Government Resource

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784 No Types Assigned

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784 Third Party Advisory

https://helpx.adobe.com/security/products/flash-player/apsb15-18.html No Types Assigned

https://helpx.adobe.com/security/products/flash-player/apsb15-18.html Vendor Advisory

https://security.gentoo.org/glsa/201508-01 No Types Assigned

https://security.gentoo.org/glsa/201508-01 Third Party Advisory

Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a ValueOf function, as exploited in the wild in July 2015.

Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.

http://www.securitytracker.com/id/1032890 [No Types Assigned]

https://security.gentoo.org/glsa/201508-01 [No Types Assigned]

Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a ValueOf function, as exploited in the wild in July 2015.

Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.

http://www.securityfocus.com/bid/75710 [No Types Assigned]

http://marc.info/?l=bugtraq&m=144050155601375&w=2

https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784

http://www.us-cert.gov/ncas/alerts/TA15-195A

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html

http://rhn.redhat.com/errata/RHSA-2015-1235.html

https://helpx.adobe.com/security/products/flash-player/apsb15-18.html

Vulnerabilidad en la implementación ActionScript 3 en Adobe Flash Player (CVE-2015-5123)

la implementación ActionScript 3 en Adobe Flash Player

Vulnerabilidad de uso después de liberación descubierta en la implementación de la clase BitmapData en el ActionScript (AS3) en Adobe Flash Player 13.x hasta 13.0.0.302 en Windows y en OS X, 14.x hasta 18.0.0.203 en Windows y en OS X, 11.x hasta 11.2.202.481 en Linux, y en 12.x hasta 18.0.0.204 en las intalaciones de Google Chorme en Linux permite a atacantes remotos ejecutar código arbitrario o causar denegación de servicio (corrupción de memoria) hasta

Vulnerabilidad de uso despues de liberacion descubierta en la implementación de la clase BitmapData en el ActionScript (AS3) en Adobe Flash Player 13.x a traves de 13.0.0.302 en Windows y en OS X, 14.x a traves de 18.0.0.203 en Windows y en OS X, 11.x a traves de 11.2.202.481 en Linux, y en 12.x a traves de 18.0.0.204 en las intalaciones de Google Chorme en Linux permite a atacantes remotos ejecutar codigo arbitrario o causar denegacion de servicio (corrupcion de memoria) a traves de cont

Configuration 1
     AND
          OR
               *cpe:2.3:a:adobe:flash_player:11.1:*:*:*:*:*:*:*
               *cpe:2.3:a:adobe:flash_player:11.0.1.153:*:*:*:*:*:*:*
               *cpe:2.3:a:adobe:flash_player:11.2.202.451:*:*:*:*:*:*:*
               *cpe:2.3:a:adobe:flash_player:11.2.202.442:*:*:*:*:*:*:*
               *cpe:2.3:a:adobe:flash_player:11.2.202.440:*:*:*:*:*:*:*
               *cpe:2.3:a:adobe:flash_player:11.2.202.438:*:*:*:*:*:*:*
               *cpe:2.3:a:adobe:flash_pl

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

NVD-CWE-Other

<a href="http://cwe.mitre.org/data/definitions/416.html">CWE-416: Use After Free</a>

http://www.kb.cert.org/vuls/id/918568 US Govt Resource

http://www.kb.cert.org/vuls/id/918568 Advisory, US Govt Resource

https://helpx.adobe.com/security/products/flash-player/apsa15-04.html No Types Assigned

https://helpx.adobe.com/security/products/flash-player/apsa15-04.html Advisory