CVE-2015-0350
First published: Tue Apr 14 2015(Updated: )
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Acrobat Reader | <=11.2.202.451 | |
| Linux Kernel | ||
| Adobe Acrobat Reader | <=13.0.0.264 | |
| Adobe Acrobat Reader | =14.0.0.125 | |
| Adobe Acrobat Reader | =14.0.0.145 | |
| Adobe Acrobat Reader | =14.0.0.176 | |
| Adobe Acrobat Reader | =14.0.0.179 | |
| Adobe Acrobat Reader | =15.0.0.152 | |
| Adobe Acrobat Reader | =15.0.0.167 | |
| Adobe Acrobat Reader | =15.0.0.189 | |
| Adobe Acrobat Reader | =15.0.0.223 | |
| Adobe Acrobat Reader | =15.0.0.239 | |
| Adobe Acrobat Reader | =15.0.0.246 | |
| Adobe Acrobat Reader | =16.0.0.235 | |
| Adobe Acrobat Reader | =16.0.0.257 | |
| Adobe Acrobat Reader | =16.0.0.287 | |
| Adobe Acrobat Reader | =16.0.0.296 | |
| Adobe Acrobat Reader | =17.0.0.134 | |
| Apple iOS and macOS | ||
| Microsoft Windows | ||
| openSUSE | =13.1 | |
| openSUSE | =13.2 | |
| SUSE Linux Enterprise Desktop | =11.0-sp3 | |
| SUSE Linux Enterprise Desktop | =12.0 | |
| SUSE Linux Workstation Extension | =12.0 | |
| redhat enterprise linux desktop supplementary | =5.0 | |
| redhat enterprise linux desktop supplementary | =6.0 | |
| Red Hat Enterprise Linux Server Supplementary | =5.0 | |
| Red Hat Enterprise Linux Server Supplementary | =6.0 | |
| Red Hat Enterprise Linux Server Supplementary EUS | =6.6.z | |
| Red Hat Enterprise Linux Workstation Supplementary | =6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html
- http://rhn.redhat.com/errata/RHSA-2015-0813.html
- http://www.securityfocus.com/bid/74062
- http://www.securitytracker.com/id/1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://security.gentoo.org/glsa/201504-07
Frequently Asked Questions
What is the severity of CVE-2015-0350?
CVE-2015-0350 has a high severity rating as it allows attackers to execute arbitrary code or cause denial of service through memory corruption.
How do I fix CVE-2015-0350?
To fix CVE-2015-0350, update Adobe Flash Player to version 13.0.0.281 or later, or 17.0.0.169 or later.
What systems are affected by CVE-2015-0350?
CVE-2015-0350 affects Adobe Flash Player versions before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows, OS X, and specific versions on Linux.
Is my version of Adobe Flash Player vulnerable if it is updated?
If your Adobe Flash Player is updated to the latest versions, it should not be vulnerable to CVE-2015-0350.
What can attackers do by exploiting CVE-2015-0350?
By exploiting CVE-2015-0350, attackers can execute arbitrary code on the victim's machine or crash the application, causing a denial of service.
- agent/type
- agent/references
- agent/author
- agent/severity
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/adobe
- canonical/adobe acrobat reader
- version/adobe acrobat reader/11.2.202.451
- vendor/linux
- canonical/linux kernel
- version/adobe acrobat reader/13.0.0.264
- version/adobe acrobat reader/14.0.0.125
- version/adobe acrobat reader/14.0.0.145
- version/adobe acrobat reader/14.0.0.176
- version/adobe acrobat reader/14.0.0.179
- version/adobe acrobat reader/15.0.0.152
- version/adobe acrobat reader/15.0.0.167
- version/adobe acrobat reader/15.0.0.189
- version/adobe acrobat reader/15.0.0.223
- version/adobe acrobat reader/15.0.0.239
- version/adobe acrobat reader/15.0.0.246
- version/adobe acrobat reader/16.0.0.235
- version/adobe acrobat reader/16.0.0.257
- version/adobe acrobat reader/16.0.0.287
- version/adobe acrobat reader/16.0.0.296
- version/adobe acrobat reader/17.0.0.134
- vendor/apple
- canonical/apple ios and macos
- vendor/microsoft
- canonical/microsoft windows
- vendor/opensuse
- canonical/opensuse
- version/opensuse/13.1
- version/opensuse/13.2
- vendor/suse
- canonical/suse linux enterprise desktop
- version/suse linux enterprise desktop/11.0-sp3
- version/suse linux enterprise desktop/12.0
- canonical/suse linux workstation extension
- version/suse linux workstation extension/12.0
- vendor/redhat
- canonical/redhat enterprise linux desktop supplementary
- version/redhat enterprise linux desktop supplementary/5.0
- version/redhat enterprise linux desktop supplementary/6.0
- canonical/red hat enterprise linux server supplementary
- version/red hat enterprise linux server supplementary/5.0
- version/red hat enterprise linux server supplementary/6.0
- canonical/red hat enterprise linux server supplementary eus
- version/red hat enterprise linux server supplementary eus/6.6.z
- canonical/red hat enterprise linux workstation supplementary
- version/red hat enterprise linux workstation supplementary/6.0