Information Disclosure and Denial of Service in Adobe Flash Player and Adobe AIR
CVE-2015-0307

Currently unrated

Key Information:

Vendor: Adobe
Status: Adobe Air
Vendor: CVE Published:; 13 January 2015

What is CVE-2015-0307?

This vulnerability in Adobe Flash Player and Adobe AIR allows remote attackers to access sensitive information from the application's process memory. Additionally, it can lead to a denial of service through out-of-bounds read errors. Affected users can experience disruptions and may have their personal data compromised, making it critical to employ updates and patches to mitigate these risks. The issue spans multiple operating systems, including Windows, OS X, and Linux, affecting numerous versions of both Flash Player and AIR products.

References

http://secunia.com/advisories/62371

third-party-advisoryx_refsource_SECUNIA

http://security.gentoo.org/glsa/glsa-201502-02.xml

vendor-advisoryx_refsource_GENTOO

http://secunia.com/advisories/62740

third-party-advisoryx_refsource_SECUNIA

EPSS Score

6% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 13, 2015
Vulnerability Reserved
Dec 1, 2014