vendor:
Flash Player
by:
Google Security Research
8.8
CVSS
HIGH
Integer Overflow
190
CWE
Product Name: Flash Player
Affected Version From: 17.0.0.134
Affected Version To: 17.0.0.134
Patch Exists: YES
Related CWE: CVE-2015-5122
CPE: o:adobe:flash_player:17.0.0.134
Metasploit:
https://www.rapid7.com/db/vulnerabilities/suse-cve-2015-5122/, https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2015-5122/, https://www.rapid7.com/db/vulnerabilities/hpsim-cve-2015-5122/, https://www.rapid7.com/db/vulnerabilities/adobe-flash-apsb15-18-cve-2015-5122/, https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2015-1235/
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2015
Integer Overflow in Function.apply()
An integer overflow while calling Function.apply can lead to enter an ActionScript function without correctly validating the supplied arguments.
Mitigation:
Upgrade to the latest version of Adobe Flash Player