FILE-FLASH -- Snort has detected suspicious traffic via the Adobe Flash Player. Flash is a common target of code execution, overflow, DoS, and memory corruption attacks in particular, via swifs, action scripts, etc. Many networks block Flash altogether; the application will be deprecated in 2020.
FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt
Unspecified vulnerability in Adobe Flash Player through 188.8.131.522 and 14.x, 15.x, and 16.x through 184.108.40.2067 on Windows and OS X and through 220.127.116.118 on Linux allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015.
This rule can also alert on CVE-2019-8070, a use-after-free vulnerability in Adobe Flash Player as well.
CVSS base score 10.0
CVSS impact score 10.0
CVSS exploitability score 10.0
Ease of Attack:
What To Look For
No public information
No known false positives
Talos research team.
This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
For more information see [nvd].
MITRE ATT&CK Framework
For reference, see the MITRE ATT&CK vulnerability types here:
CVE Additional Information
CVE-2015-0311Unspecified vulnerability in Adobe Flash Player through 18.104.22.1682 and 14.x, 15.x, and 16.x through 22.214.171.1247 on Windows and OS X and through 126.96.36.1998 on Linux allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015.
||Ease of Access||