CVE-2015-3038
First published: Tue Apr 14 2015(Updated: )
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3041, CVE-2015-3042, and CVE-2015-3043.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Acrobat Reader | <=11.2.202.451 | |
| Linux Kernel | ||
| Adobe Acrobat Reader | <=13.0.0.264 | |
| Adobe Acrobat Reader | =14.0.0.125 | |
| Adobe Acrobat Reader | =14.0.0.145 | |
| Adobe Acrobat Reader | =14.0.0.176 | |
| Adobe Acrobat Reader | =14.0.0.179 | |
| Adobe Acrobat Reader | =15.0.0.152 | |
| Adobe Acrobat Reader | =15.0.0.167 | |
| Adobe Acrobat Reader | =15.0.0.189 | |
| Adobe Acrobat Reader | =15.0.0.223 | |
| Adobe Acrobat Reader | =15.0.0.239 | |
| Adobe Acrobat Reader | =15.0.0.246 | |
| Adobe Acrobat Reader | =16.0.0.235 | |
| Adobe Acrobat Reader | =16.0.0.257 | |
| Adobe Acrobat Reader | =16.0.0.287 | |
| Adobe Acrobat Reader | =16.0.0.296 | |
| Adobe Acrobat Reader | =17.0.0.134 | |
| Apple iOS and macOS | ||
| Microsoft Windows | ||
| redhat enterprise linux desktop supplementary | =5.0 | |
| redhat enterprise linux desktop supplementary | =6.0 | |
| Red Hat Enterprise Linux Server Supplementary | =5.0 | |
| Red Hat Enterprise Linux Server Supplementary | =6.0 | |
| Red Hat Enterprise Linux Server Supplementary EUS | =6.6.z | |
| Red Hat Enterprise Linux Workstation Supplementary | =6.0 | |
| openSUSE | =13.1 | |
| openSUSE | =13.2 | |
| SUSE Linux Enterprise Desktop | =11.0-sp3 | |
| SUSE Linux Enterprise Desktop | =12.0 | |
| SUSE Linux Workstation Extension | =12.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html
- http://rhn.redhat.com/errata/RHSA-2015-0813.html
- http://www.securityfocus.com/bid/74062
- http://www.securitytracker.com/id/1032105
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://security.gentoo.org/glsa/201504-07
Frequently Asked Questions
What is the severity of CVE-2015-3038?
CVE-2015-3038 is classified as a critical vulnerability that can allow an attacker to execute arbitrary code or cause a denial of service.
How do I fix CVE-2015-3038?
To mitigate CVE-2015-3038, users should upgrade to the latest version of Adobe Flash Player that addresses this vulnerability.
What are the affected versions of Adobe Flash Player for CVE-2015-3038?
Adobe Flash Player versions prior to 13.0.0.281 and 14.x through 17.x before 17.0.0.169 are vulnerable.
Can CVE-2015-3038 affect users on Linux?
Yes, CVE-2015-3038 affects Adobe Flash Player for Linux versions before 11.2.202.457.
What type of attack can exploit CVE-2015-3038?
CVE-2015-3038 can be exploited via unspecified vectors that lead to memory corruption.
- agent/type
- agent/references
- agent/severity
- agent/author
- agent/remedy
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- vendor/adobe
- canonical/adobe acrobat reader
- version/adobe acrobat reader/11.2.202.451
- vendor/linux
- canonical/linux kernel
- version/adobe acrobat reader/13.0.0.264
- version/adobe acrobat reader/14.0.0.125
- version/adobe acrobat reader/14.0.0.145
- version/adobe acrobat reader/14.0.0.176
- version/adobe acrobat reader/14.0.0.179
- version/adobe acrobat reader/15.0.0.152
- version/adobe acrobat reader/15.0.0.167
- version/adobe acrobat reader/15.0.0.189
- version/adobe acrobat reader/15.0.0.223
- version/adobe acrobat reader/15.0.0.239
- version/adobe acrobat reader/15.0.0.246
- version/adobe acrobat reader/16.0.0.235
- version/adobe acrobat reader/16.0.0.257
- version/adobe acrobat reader/16.0.0.287
- version/adobe acrobat reader/16.0.0.296
- version/adobe acrobat reader/17.0.0.134
- vendor/apple
- canonical/apple ios and macos
- vendor/microsoft
- canonical/microsoft windows
- vendor/redhat
- canonical/redhat enterprise linux desktop supplementary
- version/redhat enterprise linux desktop supplementary/5.0
- version/redhat enterprise linux desktop supplementary/6.0
- canonical/red hat enterprise linux server supplementary
- version/red hat enterprise linux server supplementary/5.0
- version/red hat enterprise linux server supplementary/6.0
- canonical/red hat enterprise linux server supplementary eus
- version/red hat enterprise linux server supplementary eus/6.6.z
- canonical/red hat enterprise linux workstation supplementary
- version/red hat enterprise linux workstation supplementary/6.0
- vendor/opensuse
- canonical/opensuse
- version/opensuse/13.1
- version/opensuse/13.2
- vendor/suse
- canonical/suse linux enterprise desktop
- version/suse linux enterprise desktop/11.0-sp3
- version/suse linux enterprise desktop/12.0
- canonical/suse linux workstation extension
- version/suse linux workstation extension/12.0