Think you have a false positive on this rule?

Sid 1-45743

Message

FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt

Summary

Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-3092.

Impact

CVSS base score 5.0 CVSS impact score 2.9 CVSS exploitability score 10.0 confidentialityImpact PARTIAL integrityImpact NONE availabilityImpact NONE

CVE-2015-3091:

CVSS base score 5.0

CVSS impact score 2.9

CVSS exploitability score 10.0

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

CVE-2015-3105:

CVSS base score 10.0

CVSS impact score 10.0

CVSS exploitability score 10.0

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Detailed information

CVE-2015-3091: Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 do not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via unspecified vectors, a different vulnerability than CVE-2015-3092.

CVE-2015-3105: Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Affected systems

  • adobe air 17.0.0.144
  • adobe air_sdk 17.0.0.144
  • adobe airsdk&_compiler 17.0.0.144
  • adobe flash_player 11.2.202.475
  • adobe flash_player 13.0.0.264
  • adobe flash_player 14.0.0.125
  • adobe flash_player 14.0.0.145
  • adobe flash_player 14.0.0.176
  • adobe flash_player 14.0.0.179
  • adobe flash_player 15.0.0.152
  • adobe flash_player 15.0.0.167
  • adobe flash_player 15.0.0.189
  • adobe flash_player 15.0.0.223
  • adobe flash_player 15.0.0.239
  • adobe flash_player 15.0.0.246
  • adobe flash_player 16.0.0.235
  • adobe flash_player 16.0.0.257
  • adobe flash_player 16.0.0.287
  • adobe flash_player 16.0.0.296
  • adobe flash_player 17.0.0.134
  • adobe flash_player 17.0.0.169
  • adobe air 17.0.0.172
  • adobe air_sdk 17.0.0.172
  • adobe airsdk&_compiler 17.0.0.172
  • adobe flash_player 11.2.202.460
  • adobe flash_player 13.0.0.289
  • adobe flash_player 17.0.0.188
  • google android *

Ease of attack

CVE-2015-3091:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

CVE-2015-3105:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

False positives

None known

False negatives

None known

Corrective action

Contributors

  • Talos research team.
  • This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
  • For more information see nvd.

Additional References

  • helpx.adobe.com/security/products/flash-player/apsb15-09.html
  • helpx.adobe.com/security/products/flash-player/apsb15-11.html