FILE-FLASH -- Snort has detected suspicious traffic via the Adobe Flash Player. Flash is a common target of code execution, overflow, DoS, and memory corruption attacks in particular, via swifs, action scripts, etc. Many networks block Flash altogether; the application will be deprecated in 2020.
FILE-FLASH Adobe Flash Player malformed DefineSprite tag memory corruption attempt
Adobe Flash Player before 188.8.131.522 and 14.x through 18.x before 184.108.40.206 on Windows and OS X and before 220.127.116.111 on Linux, Adobe AIR before 18.104.22.168, Adobe AIR SDK before 22.214.171.124, and Adobe AIR SDK & Compiler before 126.96.36.199 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3130, CVE-2015-3133, CVE-2015-3134, and CVE-2015-4431.
CVSS base score 10.0
CVSS impact score 10.0
CVSS exploitability score 10.0
Ease of Attack:
What To Look For
No public information
No known false positives
Talos research team.
This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
For more information see [nvd].