Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113)

  Severity: CRITICAL
  Advisory Date: JUN 23, 2015

  DESCRIPTION

A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to an unspecified error. A remote attacker can exploit this vulnerability by enticing a target user to open a crafted file. A successful attack could result in arbitrary code execution in the security context of the target user.

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  PATCH: https://helpx.adobe.com/security/products/flash-player/apsb15-14.html

  Trend Micro Deep Security DPI Rule Number: 1006812

  AFFECTED SOFTWARE AND VERSION

  • Adobe Flash Player 18.0.0.161 and earlier versions for Windows and Macintosh
  • Adobe Flash Player Extended Support Release version 13.0.0.292 and earlier 13.x versions for Windows and Macintosh
  • Adobe Flash Player 11.2.202.466 and earlier 11.x versions for Linux