Vulnerability CVE-2015-3097

Vulnerability Name:

CVE-2015-3097 (CCN-103714)

Assigned:

2015-06-09

Published:

2015-06-09

Updated:

2017-09-22

Summary:

Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160, Adobe AIR before 18.0.0.144, Adobe AIR SDK before 18.0.0.144, and Adobe AIR SDK & Compiler before 18.0.0.144 on 64-bit Windows 7 systems do not properly select a random memory address for the Flash heap, which makes it easier for attackers to conduct unspecified attacks by predicting this address.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Attack Complexity (AC): Privileges Required (PR): User Interaction (UI):
Scope:	Scope (S):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

Vulnerability Type:

CWE-200

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2015-3097

Source: CCN
Type: Google Chrome Releases Web site
Stable Channel Update

Source: BID
Type: UNKNOWN
75090

Source: CCN
Type: BID-75090
Adobe Flash Player and AIR CVE-2015-3097 Security Bypass Vulnerability

Source: SECTRACK
Type: UNKNOWN
1032519

Source: SECTRACK
Type: UNKNOWN
1032810

Source: XF
Type: UNKNOWN
adobe-flash-cve20153097-info-disc(103714)

Source: CCN
Type: Adobe Security Bulletin APSB15-11
Security updates available for Adobe Flash Player

Source: CONFIRM
Type: Patch, Vendor Advisory
https://helpx.adobe.com/security/products/flash-player/apsb15-11.html

Source: CONFIRM
Type: Patch, Vendor Advisory
https://helpx.adobe.com/security/products/flash-player/apsb15-16.html

Source: GENTOO
Type: UNKNOWN
GLSA-201506-01

Source: CCN
Type: Microsoft Security Advisory 2755801
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2015-3097

Vulnerable Configuration:

Configuration 1:

cpe:/a:adobe:air:*:*:*:*:*:*:*:* (Version <= 17.0.0.172)

OR cpe:/a:adobe:air_sdk:*:*:*:*:*:*:*:* (Version <= 17.0.0.172)

OR cpe:/a:adobe:air_sdk_&_compiler:*:*:*:*:*:*:*:* (Version <= 17.0.0.172)

OR cpe:/a:adobe:flash_player:*:*:*:*:*:*:*:* (Version <= 13.0.0.289)

OR cpe:/a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*

OR cpe:/a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*

OR cpe:/a:adobe:flash_player:14.0.0.176:*:*:*:*:*:*:*

OR cpe:/a:adobe:flash_player:14.0.0.179:*:*:*:*:*:*:*

OR cpe:/a:adobe:flash_player:15.0.0.152:*:*:*:*:*:*:*

OR cpe:/a:adobe:flash_player:15.0.0.167:*:*:*:*:*:*:*

OR cpe:/a:adobe:flash_player:15.0.0.189:*:*:*:*:*:*:*

OR cpe:/a:adobe:flash_player:15.0.0.223:*:*:*:*:*:*:*

OR cpe:/a:adobe:flash_player:15.0.0.239:*:*:*:*:*:*:*

OR cpe:/a:adobe:flash_player:15.0.0.246:*:*:*:*:*:*:*

OR cpe:/a:adobe:flash_player:16.0.0.235:*:*:*:*:*:*:*

OR cpe:/a:adobe:flash_player:16.0.0.257:*:*:*:*:*:*:*

OR cpe:/a:adobe:flash_player:16.0.0.287:*:*:*:*:*:*:*

OR cpe:/a:adobe:flash_player:16.0.0.296:*:*:*:*:*:*:*

OR cpe:/a:adobe:flash_player:17.0.0.134:*:*:*:*:*:*:*

OR cpe:/a:adobe:flash_player:17.0.0.169:*:*:*:*:*:*:*

OR cpe:/a:adobe:flash_player:17.0.0.188:*:*:*:*:*:*:*

AND

cpe:/o:microsoft:windows_7:*:*:*:*:*:*:x64:*

Configuration CCN 1:

cpe:/a:adobe:flash_player:17.0.0.188:*:*:*:*:*:*:*

OR cpe:/a:adobe:flash_player:17.0.0.188:*:*:*:*:*:*:*

AND

cpe:/o:microsoft:windows_8:-:-:-:*:-:-:x32:*

OR cpe:/o:microsoft:windows_8:::~~~~x64~:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_rt:-:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_8.1:-:-:-:*:-:-:x32:*

OR cpe:/o:microsoft:windows_8.1:::~~~~x64~:*:*:*:*:*

OR cpe:/o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*

Denotes that component is vulnerable

Vulnerability Name:

CVE-2015-3097 (CCN-104484)

Assigned:

2015-07-08

Published:

2015-07-08

Updated:

2015-07-08

Summary:

An unspecified error related to a memory address randomization of the Flash heap for the Window 7 64-bit platform in Adobe Flash Player could allow a remote attacker to obtain sensitive information.

CVSS v3 Severity:

6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)
5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Attack Complexity (AC): Privileges Required (PR): User Interaction (UI):
Scope:	Scope (S):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): None Availibility (A): None

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2015-3097

Source: CCN
Type: Google Chrome Releases Web site
Android WebView Beta Update Android WebView Beta Update Android WebView Beta Update Android WebView Beta Update

Source: CCN
Type: BID-75090
Adobe Flash Player and AIR CVE-2015-3097 Security Bypass Vulnerability

Source: XF
Type: UNKNOWN
adobe-flash-player-cve20153097-info-disc(104484)

Source: CCN
Type: Adobe Security Bulletin APSB15-16
Security updates available for Adobe Flash Player

Source: CCN
Type: Microsoft Security Advisory 2755801
Update for Vulnerabilities in Adobe Flash Player in Internet Explorer

Vulnerable Configuration:

Configuration CCN 1:

cpe:/a:adobe:flash_player:18.0.0.194:*:*:*:*:*:*:*

AND

cpe:/o:microsoft:windows_8:-:-:-:*:-:-:x32:*

OR cpe:/o:microsoft:windows_8:*:*:*:*:*:*:x64:*

OR cpe:/o:microsoft:windows_server_2012:*:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_rt:-:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_8.1:-:-:-:*:-:-:x32:*

OR cpe:/o:microsoft:windows_8.1:*:*:*:*:*:*:x64:*

OR cpe:/o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*

OR cpe:/o:microsoft:windows_rt_8.1:*:*:*:*:*:*:*:*

OR cpe:/a:google:chrome:44.0.2403.157:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:com.ubuntu.precise:def:20153097000	V	CVE-2015-3097 on Ubuntu 12.04 LTS (precise) - medium.	2015-06-09
oval:com.ubuntu.trusty:def:20153097000	V	CVE-2015-3097 on Ubuntu 14.04 LTS (trusty) - medium.	2015-06-09

BACK