FILE-FLASH -- Snort has detected suspicious traffic via the Adobe Flash Player. Flash is a common target of code execution, overflow, DoS, and memory corruption attacks in particular, via swifs, action scripts, etc. Many networks block Flash altogether; the application will be deprecated in 2020.
FILE-FLASH Adobe Flash player memory corruption attempt
This event is generated when an attacker attempts to exploit a memory corruption vulnerability in Adobe Flash Player.
Attempted User Privilege Gain
Ease of Attack:
What To Look For
No public information
No known false positives
Cisco Talos Intelligence Group
MITRE ATT&CK Framework
For reference, see the MITRE ATT&CK vulnerability types here:
CVE Additional Information
CVE-2015-5577Adobe Flash Player before 22.214.171.124 and 19.x before 126.96.36.199 on Windows and OS X and before 188.8.131.521 on Linux, Adobe AIR before 184.108.40.206, Adobe AIR SDK before 220.127.116.11, and Adobe AIR SDK & Compiler before 18.104.22.168 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5575, CVE-2015-5578, CVE-2015-5580, CVE-2015-5582, CVE-2015-5588, and CVE-2015-6677.
||Ease of Access||