Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-0359)
Publish date: June 09, 2016
Severity: CRITICAL
Advisory Date: MAY 07, 2015
DESCRIPTION
Adobe Flash Player is prone to an unspecified memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
TREND MICRO PROTECTION INFORMATION
Apply associated Trend Micro DPI Rules.
SOLUTION
PATCH: https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
Trend Micro Deep Security DPI Rule Number: 1006646
AFFECTED SOFTWARE AND VERSION
- Adobe Flash Player 17.0.0.134 and earlier versions
- Adobe Flash Player 13.0.0.277 and earlier 13.x versions
- Adobe Flash Player 11.2.202.451 and earlier 11.x versions
- AIR Desktop Runtime 17.0.0.144 and earlier versions
- AIR SDK and SDK & Compiler 17.0.0.144 and earlier versions
Featured Stories
One Flaw too Many: Vulnerabilities in SCADA SystemsWhat is the current state of SCADA vulnerabilities? Staying informed is essential in the fight against exploits and cyberattacks with real-world consequences.Read more
Drilling Deep: A Look at Cyberattacks on the Oil and Gas IndustryWe break down the digital attacks against the oil and gas industry and its supply chain.Read more
Halloween Exploits Scare: BlueKeep, Chrome’s Zero-Days in the WildPatch now: Two Chrome zero-days were reported, one of them actively exploited in a campaign. Meanwhile, BlueKeep was initially reported seen in the wild to install a malicious Monero miner.Read more
PHP-FPM Vulnerability (CVE-2019-11043) can Lead to Remote Code Execution in NGINX Web ServersAdministrators of NGINX web servers running PHP-FPM are advised to patch a vulnerability (CVE-2019-11043) that can let threat actors execute remote code on vulnerable, NGINX-enabled web servers. Here’s what you need to know.Read more