Arbitrary Code Execution and Memory Corruption in Adobe Flash Player and AIR
CVE-2015-0303

Currently unrated

Key Information:

Vendor: Adobe
Status: Adobe Air
Vendor: CVE Published:; 13 January 2015

What is CVE-2015-0303?

This vulnerability in Adobe Flash Player and AIR allows attackers to exploit memory corruption issues, enabling them to execute arbitrary code on affected systems. Attackers can leverage unspecified vectors to trigger this vulnerability, potentially leading to a complete compromise of the affected software. The issue has been observed in several versions across different platforms, highlighting the importance of keeping software updated to mitigate risks.

References

http://secunia.com/advisories/62371

third-party-advisoryx_refsource_SECUNIA

http://security.gentoo.org/glsa/glsa-201502-02.xml

vendor-advisoryx_refsource_GENTOO

https://exchange.xforce.ibmcloud.com/vulnerabilities/99983

vdb-entryx_refsource_XF

EPSS Score

11% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 13, 2015
Vulnerability Reserved
Dec 1, 2014