What is the severity of CVE-2015-3124?

CVE-2015-3124 has a critical severity level, allowing attackers to exploit the use-after-free vulnerability in Adobe Flash Player.

How do I fix CVE-2015-3124?

To fix CVE-2015-3124, update Adobe Flash Player to version 13.0.0.302 or later, or any of the specified safe versions in later major releases.

What software is affected by CVE-2015-3124?

CVE-2015-3124 affects Adobe Flash Player versions prior to 13.0.0.302, 14.x through 18.x before 18.0.0.203, and Adobe AIR versions prior to 18.0.0.180.

Can CVE-2015-3124 be exploited on Linux?

Yes, CVE-2015-3124 can be exploited on any affected version of Adobe Flash Player on Linux, specifically versions prior to 11.2.202.481.

What are the implications of CVE-2015-3124?

The implications of CVE-2015-3124 include the potential for remote code execution, which can compromise the security of affected systems.

Vulnerability/
CVE-2015-3124

critical

CWE

416

9/7/2015

6/8/2024

CVE-2015-3124: Use After Free

First published: Thu Jul 09 2015(Updated: )

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3118, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, and CVE-2015-5117.

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe Flash Player for Internet Explorer 11	<=13.0.0.289
Adobe Flash Player for Internet Explorer 11	=14.0.0.125
Adobe Flash Player for Internet Explorer 11	=14.0.0.145
Adobe Flash Player for Internet Explorer 11	=14.0.0.176
Adobe Flash Player for Internet Explorer 11	=14.0.0.179
Adobe Flash Player for Internet Explorer 11	=15.0.0.152
Adobe Flash Player for Internet Explorer 11	=15.0.0.167
Adobe Flash Player for Internet Explorer 11	=15.0.0.189
Adobe Flash Player for Internet Explorer 11	=15.0.0.223
Adobe Flash Player for Internet Explorer 11	=15.0.0.239
Adobe Flash Player for Internet Explorer 11	=15.0.0.246
Adobe Flash Player for Internet Explorer 11	=16.0.0.235
Adobe Flash Player for Internet Explorer 11	=16.0.0.257
Adobe Flash Player for Internet Explorer 11	=16.0.0.287
Adobe Flash Player for Internet Explorer 11	=16.0.0.296
Adobe Flash Player for Internet Explorer 11	=17.0.0.134
Adobe Flash Player for Internet Explorer 11	=17.0.0.169
Adobe Flash Player for Internet Explorer 11	=17.0.0.188
Adobe Flash Player for Internet Explorer 11	=17.0.0.190
Adobe Flash Player for Internet Explorer 11	=18.0.0.160
Adobe Flash Player for Internet Explorer 11	=18.0.0.194
macOS Yosemite
Microsoft Windows
Adobe Flash Player for Internet Explorer 11	<=11.2.202.468
Linux Kernel
Adobe AIR	<=18.0.0.144
Adobe AIR SDK and Compiler	<=18.0.0.144
Adobe AIR SDK & Compiler	<=18.0.0.144

Remedy

https://helpx.adobe.com/security/products/flash-player/apsb15-16.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-3124?
CVE-2015-3124 has a critical severity level, allowing attackers to exploit the use-after-free vulnerability in Adobe Flash Player.
How do I fix CVE-2015-3124?
To fix CVE-2015-3124, update Adobe Flash Player to version 13.0.0.302 or later, or any of the specified safe versions in later major releases.
What software is affected by CVE-2015-3124?
CVE-2015-3124 affects Adobe Flash Player versions prior to 13.0.0.302, 14.x through 18.x before 18.0.0.203, and Adobe AIR versions prior to 18.0.0.180.
Can CVE-2015-3124 be exploited on Linux?
Yes, CVE-2015-3124 can be exploited on any affected version of Adobe Flash Player on Linux, specifically versions prior to 11.2.202.481.
What are the implications of CVE-2015-3124?
The implications of CVE-2015-3124 include the potential for remote code execution, which can compromise the security of affected systems.

agent/type
agent/references
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/remedy
agent/author
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/adobe
canonical/adobe flash player for internet explorer 11
version/adobe flash player for internet explorer 11/13.0.0.289
version/adobe flash player for internet explorer 11/14.0.0.125
version/adobe flash player for internet explorer 11/14.0.0.145
version/adobe flash player for internet explorer 11/14.0.0.176
version/adobe flash player for internet explorer 11/14.0.0.179
version/adobe flash player for internet explorer 11/15.0.0.152
version/adobe flash player for internet explorer 11/15.0.0.167
version/adobe flash player for internet explorer 11/15.0.0.189
version/adobe flash player for internet explorer 11/15.0.0.223
version/adobe flash player for internet explorer 11/15.0.0.239
version/adobe flash player for internet explorer 11/15.0.0.246
version/adobe flash player for internet explorer 11/16.0.0.235
version/adobe flash player for internet explorer 11/16.0.0.257
version/adobe flash player for internet explorer 11/16.0.0.287
version/adobe flash player for internet explorer 11/16.0.0.296
version/adobe flash player for internet explorer 11/17.0.0.134
version/adobe flash player for internet explorer 11/17.0.0.169
version/adobe flash player for internet explorer 11/17.0.0.188
version/adobe flash player for internet explorer 11/17.0.0.190
version/adobe flash player for internet explorer 11/18.0.0.160
version/adobe flash player for internet explorer 11/18.0.0.194
vendor/apple
canonical/macos yosemite
vendor/microsoft
canonical/microsoft windows
version/adobe flash player for internet explorer 11/11.2.202.468
vendor/linux
canonical/linux kernel
canonical/adobe air
version/adobe air/18.0.0.144
canonical/adobe air sdk and compiler
version/adobe air sdk and compiler/18.0.0.144
canonical/adobe air sdk & compiler
version/adobe air sdk & compiler/18.0.0.144

CVE-2015-3124: Use After Free

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-3124?

How do I fix CVE-2015-3124?

What software is affected by CVE-2015-3124?

Can CVE-2015-3124 be exploited on Linux?

What are the implications of CVE-2015-3124?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2015-3124?

How do I fix CVE-2015-3124?

What software is affected by CVE-2015-3124?

Can CVE-2015-3124 be exploited on Linux?

What are the implications of CVE-2015-3124?