Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
08 May 2023, 13:29
Type | Values Removed | Values Added |
---|---|---|
First Time |
Microsoft windows 8
|
|
CPE | cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:* |
08 Sep 2021, 17:19
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* |
Information
Published : 2015-07-14 10:59
Updated : 2023-12-10 11:46
NVD link : CVE-2015-5122
Mitre link : CVE-2015-5122
CVE.ORG link : CVE-2015-5122
JSON object : View
Products Affected
adobe
- flash_player
- flash_player_desktop_runtime
redhat
- enterprise_linux_desktop
- enterprise_linux_server_eus
- enterprise_linux_workstation
- enterprise_linux_server
opensuse
- evergreen
suse
- linux_enterprise_workstation_extension
- linux_enterprise_desktop
microsoft
- windows_8
- windows
- windows_8.1
linux
- linux_kernel
apple
- macos
CWE