CVE-2015-3043

Confirmed PUBLISHED

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers...

Adobe · Flash Player
Exploited in the wild

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
9.8 Critical

At a Glance

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in April 2015, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, and CVE-2015-3042.

metasploit linux windows cisa
CVE Published
Apr 14, 2015
Exploitation Reported
Mar 03, 2022
CVSS
9.8 Critical
EPSS
Remote Low complexity No user interaction Unauthenticated

Affected Versions

Vendor Product Version Status
n/a
n/a

n/a

Affected

CVE References

  • openSUSE-SU-2015:0718 lists.opensuse.org · Vendor Advisory http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010...
  • SUSE-SU-2015:0722 lists.opensuse.org · Vendor Advisory http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011...
  • GLSA-201504-07 security.gentoo.org · Vendor Advisory https://security.gentoo.org/glsa/201504-07
  • RHSA-2015:0813 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2015-0813.html
  • openSUSE-SU-2015:0725 lists.opensuse.org · Vendor Advisory http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013...
Show 5 more references
  • SUSE-SU-2015:0723 lists.opensuse.org · Vendor Advisory http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012...
  • 37536 exploit-db.com · Exploit https://www.exploit-db.com/exploits/37536/
  • 74062 securityfocus.com · VDB Entry http://www.securityfocus.com/bid/74062
  • 1032105 securitytracker.com · VDB Entry http://www.securitytracker.com/id/1032105
  • helpx.adobe.com/security/products/flash-player/apsb15-06.html helpx.adobe.com · CVE Record https://helpx.adobe.com/security/products/flash-player/apsb15-06.html

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.