Think you have a false positive on this rule?

Sid 1-41411

Message

FILE-FLASH Adobe Flash Player custom toString function attempt

Summary

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4430, and CVE-2015-5117.

Impact

CVSS base score 10.0 CVSS impact score 10.0 CVSS exploitability score 10.0 confidentialityImpact COMPLETE integrityImpact COMPLETE availabilityImpact COMPLETE

CVE-2015-4428:

CVSS base score 10.0

CVSS impact score 10.0

CVSS exploitability score 10.0

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2015-8043:

CVSS base score 10.0

CVSS impact score 10.0

CVSS exploitability score 10.0

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2015-8044:

CVSS base score 10.0

CVSS impact score 10.0

CVSS exploitability score 10.0

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2015-8046:

CVSS base score 10.0

CVSS impact score 10.0

CVSS exploitability score 10.0

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2017-2951:

CVSS base score 7.8

CVSS impact score 5.9

CVSS exploitability score 1.8

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Detailed information

CVE-2015-4428: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3124, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4430, and CVE-2015-5117.

CVE-2015-8043: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8044, and CVE-2015-8046.

CVE-2015-8044: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, and CVE-2015-8046.

CVE-2015-8046: Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7660, CVE-2015-7661, CVE-2015-7663, CVE-2015-8042, CVE-2015-8043, and CVE-2015-8044.

CVE-2017-2951: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to sub-form functionality. Successful exploitation could lead to arbitrary code execution.

Affected systems

  • adobe air 18.0.0.144
  • adobe air_sdk 18.0.0.144
  • adobe airsdk&_compiler 18.0.0.144
  • adobe flash_player 11.2.202.468
  • adobe flash_player 13.0.0.289
  • adobe flash_player 14.0.0.125
  • adobe flash_player 14.0.0.145
  • adobe flash_player 14.0.0.176
  • adobe flash_player 14.0.0.179
  • adobe flash_player 15.0.0.152
  • adobe flash_player 15.0.0.167
  • adobe flash_player 15.0.0.189
  • adobe flash_player 15.0.0.223
  • adobe flash_player 15.0.0.239
  • adobe flash_player 15.0.0.246
  • adobe flash_player 16.0.0.235
  • adobe flash_player 16.0.0.257
  • adobe flash_player 16.0.0.287
  • adobe flash_player 16.0.0.296
  • adobe flash_player 17.0.0.134
  • adobe flash_player 17.0.0.169
  • adobe flash_player 17.0.0.188
  • adobe flash_player 17.0.0.190
  • adobe flash_player 18.0.0.160
  • adobe flash_player 18.0.0.194
  • adobe air 19.0.0.190
  • adobe air 19.0.0.213
  • adobe air_sdk 19.0.0.213
  • adobe airsdk&_compiler 19.0.0.213
  • adobe flash_player 11.2.202.540
  • adobe flash_player 18.0.0.255
  • adobe flash_player 19.0.0.185
  • adobe flash_player 19.0.0.207
  • adobe flash_player 19.0.0.226
  • adobe acrobat 11.0.18
  • adobe acrobat_dc 15.006.30244
  • adobe acrobat_dc 15.020.20042
  • adobe acrobatreaderdc 15.006.30244
  • adobe acrobatreaderdc 15.020.20042
  • adobe reader 11.0.18

Ease of attack

CVE-2015-4428:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

CVE-2015-8043:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

CVE-2015-8044:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

CVE-2015-8046:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

CVE-2017-2951:

Access Vector

Access Complexity

Authentication

False positives

None known

False negatives

None known

Corrective action

Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

Contributors

  • Talos research team.
  • This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
  • For more information see nvd.

Additional References

  • helpx.adobe.com/security/products/flash-player/apsb15-16.html
  • helpx.adobe.com/security/products/flash-player/apsb15-28.html
  • helpx.adobe.com/security/products/reader/apsb17-01.html