Heap-based Buffer Overflow in Adobe Flash Player
CVE-2015-0309

Currently unrated

Key Information:

Vendor: Adobe
Status: Adobe Air
Vendor: CVE Published:; 13 January 2015

What is CVE-2015-0309?

This vulnerability allows attackers to exploit a heap-based buffer overflow in Adobe Flash Player and Adobe AIR, leading to the potential execution of arbitrary code. The flaw affects multiple versions across different operating systems, including Windows, OS X, and Linux. Successful exploitation requires the attacker to employ various unspecified vectors, thus enabling them to gain unauthorized control over affected systems.

References

http://secunia.com/advisories/62371

third-party-advisoryx_refsource_SECUNIA

http://security.gentoo.org/glsa/glsa-201502-02.xml

vendor-advisoryx_refsource_GENTOO

https://exchange.xforce.ibmcloud.com/vulnerabilities/99986

vdb-entryx_refsource_XF

EPSS Score

7% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 13, 2015
Vulnerability Reserved
Dec 1, 2014