CVE-2015-0318
60Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 76%
from disclosure to weapon39 days
Published on NVDFeb 6
1st PoC+39d
metasploitNov 25
exploitation probability
76%top 1% of all CVEs
observed exploitation
nono source reports it
1 public exploit(s)
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0314, CVE-2015-0316, CVE-2015-0321, CVE-2015-0329, and CVE-2015-0330.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/36420unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00006.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-02/msg00007.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-02/msg00008.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-02/msg00009.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0140.htmlhttp://secunia.com/advisories/62777http://secunia.com/advisories/62886http://secunia.com/advisories/62895http://security.gentoo.org/glsa/glsa-201502-02.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/100702https://helpx.adobe.com/security/products/flash-player/apsb15-04.htmlhttps://technet.microsoft.com/library/security/2755801