header-logo
Suggest Exploit
vendor:
Flash Player
by:
SecurityObscurity
8.8
CVSS
HIGH
Adobe Flash vulnerability
119
CWE
Product Name: Flash Player
Affected Version From: 16.0.0.296
Affected Version To: Earlier versions
Patch Exists: YES
Related CWE: CVE-2015-0313
CPE: o:adobe:flash_player
Metasploit: https://www.rapid7.com/db/vulnerabilities/suse-cve-2015-0331/https://www.rapid7.com/db/vulnerabilities/adobe-flash-apsb15-04-cve-2015-0331/https://www.rapid7.com/db/vulnerabilities/suse-cve-2015-0322/https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2015-0315/https://www.rapid7.com/db/vulnerabilities/adobe-flash-apsb15-04-cve-2015-0320/https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2015-0320/https://www.rapid7.com/db/vulnerabilities/adobe-flash-apsb15-04-cve-2015-0315/https://www.rapid7.com/db/vulnerabilities/adobe-flash-apsb15-04-cve-2015-0322/https://www.rapid7.com/db/vulnerabilities/suse-cve-2015-0315/https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2015-0322/https://www.rapid7.com/db/vulnerabilities/suse-cve-2015-0320/https://www.rapid7.com/db/vulnerabilities/adobe-flash-apsb15-04-cve-2015-0313/https://www.rapid7.com/db/vulnerabilities/freebsd-vid-734bcd49-aae6-11e4-a0c1-c485083ca99c/https://www.rapid7.com/db/vulnerabilities/suse-cve-2015-0313/
Other Scripts: https://www.infosecmatter.com/nessus-plugin-library/?id=81245https://www.infosecmatter.com/nessus-plugin-library/?id=81243https://www.infosecmatter.com/nessus-plugin-library/?id=81208https://www.infosecmatter.com/nessus-plugin-library/?id=81128https://www.infosecmatter.com/nessus-plugin-library/?id=81127https://www.infosecmatter.com/nessus-plugin-library/?id=81209https://www.infosecmatter.com/metasploit-module-library/?mm=exploit/windows/browser/adobe_flash_worker_byte_array_uafhttps://www.infosecmatter.com/list-of-metasploit-windows-exploits-detailed-spreadsheet/
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2015

Adobe Flash vulnerability source code (cve-2015-0313) from Angler Exploit Kit

This vulnerability is a use-after-free vulnerability in Adobe Flash Player that allows attackers to execute arbitrary code on the target system. The vulnerability was discovered in the Angler Exploit Kit and was used in malvertisements. It affects Adobe Flash Player versions up to 16.0.0.296 and earlier.

Mitigation:

Adobe released a patch for this vulnerability in February 2015.
Source

Exploit-DB raw data:

Source: https://github.com/SecurityObscurity/cve-2015-0313

PoC: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/36491.zip

Adobe Flash vulnerability source code (cve-2015-0313) from Angler Exploit Kit

Reference:

http://blog.trendmicro.com/trendlabs-security-intelligence/trend-micro-discovers-new-adobe-flash-zero-day-exploit-used-in-malvertisements/
http://malware.dontneedcoffee.com/2015/02/cve-2015-0313-flash-up-to-1600296-and.html
https://helpx.adobe.com/security/products/flash-player/apsa15-02.html

Navigation

Suggest Exploit

Services By CQR