Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113)
Publish date: June 09, 2016
Severity: CRITICAL
Advisory Date: JUN 23, 2015
DESCRIPTION
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to an unspecified error. A remote attacker can exploit this vulnerability by enticing a target user to open a crafted file. A successful attack could result in arbitrary code execution in the security context of the target user.
TREND MICRO PROTECTION INFORMATION
Apply associated Trend Micro DPI Rules.
SOLUTION
PATCH: https://helpx.adobe.com/security/products/flash-player/apsb15-14.html
Trend Micro Deep Security DPI Rule Number: 1006812
AFFECTED SOFTWARE AND VERSION
- Adobe Flash Player 18.0.0.161 and earlier versions for Windows and Macintosh
- Adobe Flash Player Extended Support Release version 13.0.0.292 and earlier 13.x versions for Windows and Macintosh
- Adobe Flash Player 11.2.202.466 and earlier 11.x versions for Linux
Featured Stories
One Flaw too Many: Vulnerabilities in SCADA SystemsWhat is the current state of SCADA vulnerabilities? Staying informed is essential in the fight against exploits and cyberattacks with real-world consequences.Read more
Drilling Deep: A Look at Cyberattacks on the Oil and Gas IndustryWe break down the digital attacks against the oil and gas industry and its supply chain.Read more
Halloween Exploits Scare: BlueKeep, Chrome’s Zero-Days in the WildPatch now: Two Chrome zero-days were reported, one of them actively exploited in a campaign. Meanwhile, BlueKeep was initially reported seen in the wild to install a malicious Monero miner.Read more
PHP-FPM Vulnerability (CVE-2019-11043) can Lead to Remote Code Execution in NGINX Web ServersAdministrators of NGINX web servers running PHP-FPM are advised to patch a vulnerability (CVE-2019-11043) that can let threat actors execute remote code on vulnerable, NGINX-enabled web servers. Here’s what you need to know.Read more