
Sid 1-45309

Message

FILE-FLASH Adobe Flash Player ConvolutionFilter Matrix use after free attempt

Summary

This event is generated when a use-after-free vulnerability is detected in a Flash file.

Impact

Attempted User Privilege Gain

CVE-2015-3039:

CVSS base score 10.0

CVSS impact score 10.0

CVSS exploitability score 10.0

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Detailed information

CVE-2015-3039: Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0349, CVE-2015-0351, and CVE-2015-0358.

Affected systems

  • adobe flash_player 11.2.202.451
  • adobe flash_player 13.0.0.264
  • adobe flash_player 14.0.0.125
  • adobe flash_player 14.0.0.145
  • adobe flash_player 14.0.0.176
  • adobe flash_player 14.0.0.179
  • adobe flash_player 15.0.0.152
  • adobe flash_player 15.0.0.167
  • adobe flash_player 15.0.0.189
  • adobe flash_player 15.0.0.223
  • adobe flash_player 15.0.0.239
  • adobe flash_player 15.0.0.246
  • adobe flash_player 16.0.0.235
  • adobe flash_player 16.0.0.257
  • adobe flash_player 16.0.0.287
  • adobe flash_player 16.0.0.296
  • adobe flash_player 17.0.0.134
  • opensuse_project opensuse 13.1
  • opensuse_project opensuse 13.2
  • redhat enterprise_linux_desktop_supplementary 5.0
  • redhat enterprise_linux_desktop_supplementary 6.0
  • redhat enterprise_linux_server_supplementary 5.0
  • redhat enterprise_linux_server_supplementary 6.0
  • redhat enterprise_linux_server_supplementary_eus 6.6.z
  • redhat enterprise_linux_workstation_supplementary 6.0
  • suse suse_linux_enterprise_desktop 11.0
  • suse suse_linux_enterprise_desktop 12.0
  • suse suse_linux_workstation_extension 12.0

Ease of attack

CVE-2015-3039:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

False positives

False negatives

Corrective action

Contributors

  • Cisco's Talos Intelligence Group

Additional References