Adobe Flash Player Buffer Overflow Vulnerability (CVE-2015-0311)

Publish date: September 03, 2015

Severity: CRITICAL

CVE Identifier: CVE-2015-0311,APSB15-03,APSA15-01

Advisory Date: JAN 23, 2015

DESCRIPTION

Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and through 11.2.202.438 on Linux allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015. For more details please check TrendLabs Security Intelligence Blog http://blog.trendmicro.com/trendlabs-security-intelligence/flash-greets-2015-with-new-zero-day/

TREND MICRO PROTECTION INFORMATION

Vulnerability Protection in Trend Micro Deep Security protects user systems from threats that may leverage this vulnerability with the following DPI rule:

1006460 - Adobe Flash Player Buffer Overflow Vulnerability

SOLUTION

PATCH: https://helpx.adobe.com/security/products/flash-player/apsa15-01.html

AFFECTED SOFTWARE AND VERSION

adobe flash_player 11.2.202.438
adobe flash_player 13.0.0.262
adobe flash_player 14.0.0.125
adobe flash_player 14.0.0.145
adobe flash_player 14.0.0.176
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.152
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.189
adobe flash_player 15.0.0.223
adobe flash_player 15.0.0.239
adobe flash_player 15.0.0.246
adobe flash_player 16.0.0.235
adobe flash_player 16.0.0.257
adobe flash_player 16.0.0.287

Related Blog Entries

Related Malware

Featured Stories

$Cloud-native apps$
Abusing Argo CD, Helm, and Artifact Hub: An Analysis of Supply Chain Attacks in Cloud-Native Applications
We provide an overview of cloud-native tools and examine how cybercriminals can exploit their vulnerabilities to launch supply chain attacks.
Read more
$Trends and Shifts in the Underground N-Day Exploit Market$
Trends and Shifts in the Underground N-Day Exploit Market
Our two-year research provides insights into the life cycle of exploits, the types of exploit buyers and sellers, and the business models that are reshaping the underground exploit market.
Read more
$the nightmares of patch management the status quo and beyond$
The Nightmares of Patch Management: The Status Quo and Beyond
We discuss the challenges that organizations face in managing endpoint and server patches.
Read more
$Weak Parts Supply Chain$
Identifying Weak Parts of a Supply Chain
Malicious attacks have consistently been launched on weak points in the supply chain. Like all attacks, these will evolve into more advanced forms. Software development, with multiple phases that could be placed at risk, is particularly vulnerable.
Read more

Adobe Flash Player Buffer Overflow Vulnerability (CVE-2015-0311)

DESCRIPTION

TREND MICRO PROTECTION INFORMATION

SOLUTION

AFFECTED SOFTWARE AND VERSION

Related Blog Entries

Related Malware

Featured Stories

Resources

Support

About Trend

Adobe Flash Player Buffer Overflow Vulnerability (CVE-2015-0311)

DESCRIPTION

TREND MICRO PROTECTION INFORMATION

SOLUTION

AFFECTED SOFTWARE AND VERSION

Related Blog Entries

Related Malware

Featured Stories

Resources

Support

About Trend

The Americas

Middle East & Africa

Europe

Asia & Pacific