Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability (CVE-2015-5119)

  Severity: CRITICAL
  CVE Identifier: CVE-2015-5119
  Advisory Date: JUL 07, 2015

  DESCRIPTION

Adobe Flash Player contains a vulnerability in the ActionScript 3 ByteArray class, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Ref: http://blog.trendmicro.com/trendlabs-security-intelligence/unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak/

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  PATCH: https://helpx.adobe.com/security/products/flash-player/apsb15-16.html

  Trend Micro Deep Security DPI Rule Number: 1006824