Vulnerability Details : CVE-2015-5119
Public exploit exists!
Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that overrides a valueOf function, as exploited in the wild in July 2015.
Vulnerability category: OverflowMemory CorruptionExecute codeDenial of service
CVE-2015-5119 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Adobe Flash Player Use-After-Free Vulnerability
CISA required action:
The impacted product is end-of-life and should be disconnected if still in use.
CISA description:
A use-after-free vulnerability exists within the ActionScript 3 ByteArray class in Adobe Flash Player that allows an attacker to perform remote code execution.
Added on
2022-03-03
Action due date
2022-03-24
Exploit prediction scoring system (EPSS) score for CVE-2015-5119
Probability of exploitation activity in the next 30 days: 97.40%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2015-5119
-
Adobe Flash Player ByteArray Use After Free
Disclosure Date: 2015-07-06First seen: 2020-04-26exploit/multi/browser/adobe_flash_hacking_team_uafThis module exploits an use after free on Adobe Flash Player. The vulnerability, discovered by Hacking Team and made public as part of the July 2015 data leak, was described as an Use After Free while handling ByteArray objects. This module has been tested successful
CVSS scores for CVE-2015-5119
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2015-5119
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-5119
-
http://twitter.com/w3bd3vil/statuses/618168863708962816
Twitter / ?
-
https://helpx.adobe.com/security/products/flash-player/apsb15-16.html
Adobe Security BulletinPatch;Vendor Advisory
-
http://blog.trendmicro.com/trendlabs-security-intelligence/unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak/
Unpatched Flash Player Flaw, More POCs Found in Hacking Team Leak - TrendLabs Security Intelligence Blog
-
https://packetstormsecurity.com/files/132600/Adobe-Flash-Player-ByteArray-Use-After-Free.html
Adobe Flash Player ByteArray Use After Free ≈ Packet StormExploit
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00015.html
[security-announce] openSUSE-SU-2015:1207-1: critical: Security update f
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00018.html
[security-announce] SUSE-SU-2015:1214-1: critical: Security update for f
-
http://www.us-cert.gov/ncas/alerts/TA15-195A
Adobe Flash and Microsoft Windows Vulnerabilities | CISAThird Party Advisory;US Government Resource
-
https://helpx.adobe.com/security/products/flash-player/apsa15-03.html
Adobe Security BulletinPatch;Vendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00016.html
[security-announce] openSUSE-SU-2015:1210-1: critical: Security update f
-
http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_hacking_team_uaf
Adobe Flash Player ByteArray Use After Free
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00017.html
[security-announce] SUSE-SU-2015:1211-1: critical: Security update for f
-
https://security.gentoo.org/glsa/201507-13
Adobe Flash Player: Multiple vulnerabilities (GLSA 201507-13) — Gentoo security
-
http://www.securitytracker.com/id/1032809
Adobe Flash Player Use-After-Free Memory Flaw Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
http://www.securityfocus.com/bid/75568
Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
-
http://www.kb.cert.org/vuls/id/561288
VU#561288 - Adobe Flash ActionScript 3 ByteArray use-after-free vulnerabilityThird Party Advisory;US Government Resource
-
http://rhn.redhat.com/errata/RHSA-2015-1214.html
RHSA-2015:1214 - Security Advisory - Red Hat Customer Portal
Products affected by CVE-2015-5119
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:14.0.0.179:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:14.0.0.176:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:15.0.0.246:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:15.0.0.152:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:16.0.0.257:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:16.0.0.287:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:15.0.0.167:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:15.0.0.189:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:16.0.0.296:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:17.0.0.134:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:17.0.0.169:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:16.0.0.235:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:18.0.0.194:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:15.0.0.223:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:15.0.0.239:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:17.0.0.188:*:*:*:*:*:*:*
- cpe:2.3:a:adobe:flash_player:18.0.0.161:*:*:*:*:*:*:*